Using OSX VNC

I manage our MAC OS X server on a Windows XP machine from a command shell from ssh.com. I can do 98% of my task from the command line, however sometimes I need to use the MAC GUI. I have OSXVNC running on the OS X and Real VNC running on my Windows box.

For our staging server, there is no real security concerns running VNC because the box is inside of our network and can not receive outside traffic. However for our production Web Server, I don’t think it’s a good idea to have VNC running even if you change the default port. For one reason OSXVNC only does 1 part authentication, I.E. you are only challenged with a password, not a user name. Instead of running down to the server room everytime I have to use the MAC GUI, I instead have came up with this nice little tip.

I start VNC server from the command line in my shell client specifing an encrypted password file, log on to VNC, do my buisness, and then kill the VNC server thread. In security theory it goes like this: - I create a locked door on the fly, open it up (keeping it locked behind me), then destroy the door when I am done. This is how to do it.

- OSCVnc creates a directory when installed named: /OSXvnc.app/ - Inside /OSXvnc.app/ there is a utility named: storepassword - Run this command to create your encrypted file with your password in it:


#./storepassword yourpassword yourfilename
To start OSXVnc by command line:

 - Go inside the Application directory(OSXvnc.app) and launch the OSXvnc-server process.

 - To change parameters you will need to give it arguments (-rfbport to set port, -rfbauth to specify a password file, etc).  For usage run the command with -help. For example:
# ./OSXvnc-server -rfbauth yourfilename

This starts the OSXvnc server with your encrypted password file

Now, start your RealVNC client on your windows machine. You will be asked to autheticate. Once you are done with the MAC GUI, close RealVNC, go back to your command shell and hit: “Ctrl + X” to kill the VNC thread. This is a nice way to not worry about running VNC all the time on your production boxes exposed to the world.

Written by Tim on March 8th, 2006 with 6 comments.
Read more articles on unix.

[+] Digg: Feature this article
[+] Del.icio.us: Bookmark this article
[+] Furl: Bookmark this article

Leopard Service Pack 2 Coming (January 22nd, 2008)
YSlow & Improving Speed (August 16th, 2007)
Safari on Windows (June 11th, 2007)
OS X Software Updates - Bloated (May 16th, 2007)
SMB Files from Unix to Windows 2003 Share Folder (February 24th, 2006)

6 comments

Read the comments left by other users below, or:

Apteka internetowa
#1. June 27th, 2007, at 2:40 PM.

It’s very good article. Great site with very good look and perfect information…I like it

jungle
#2. July 2nd, 2007, at 3:31 PM.

The standard way of doing this is through a ssh tunnel, which is a lot more
secure than this suggestion of creating a temporary open door.

Tim
#3. July 2nd, 2007, at 5:04 PM.

Your right, although I believe the VNC password is hashed went sent over the line. Here is a tutorial to best explain getting SSH to work on Windows with VNC. http://www.trekweb.com/~jasonb/articles/vnc_ssh.shtml

Mention from Dante.79clungcv.cn
#4. April 28th, 2008, at 3:19 AM.

vnc osx: OSX VNC SecurelyHow to use osx vnc from a Windows Machine Securelyhttp://www.techtoolblog.com/archives/using-osx-vncRealVNC - VNC Enterprise Edition for Mac OS ...

Marco
#5. September 9th, 2008, at 10:03 AM.

You saved my day! I couldm’t connect to a remote server and even vpn was down.
With your procedure and some tricks I managed to reconnect to the server!
Thank you a lot

Marco

Mention from Technotes.twosmallcoins.com
#6. February 10th, 2009, at 8:50 PM.

Ryan’s Tech Notes » Blog Archive » Enabling Remote Access to Apple OS X Leopard via SSH Command Line: sharing while you need it, and then turn it off when you’re done. Also, the write-ups of Tim Boland ...