Tight VNC Tips

Installing on Debian 4.0 (Etch)

Tight VNC Server

    # aptitude install tightvncserver

Tight VNC Viewer

    # aptitude install xtightvncviewer

Tight VNC Server Configuration File

Global configuration defaults are specified in /etc/vnc.conf

I specified the following settings:

    $vncStartup = "/etc/X11/Xsession";
    $defaultDesktopName = "gnome";
    $geometry ="1024x768";

Starting Tight VNC Server

    $ vncserver

The first time you run it you are asked to set the password that clients must present to connect. It is written to ~/.vnc/passwd; only the first 8 characters are significant, and the file is obfuscated rather than encrypted, so it must stay readable only by you (vncpasswd creates it with mode 0600). Treat it as a weak first factor, not as the thing that protects the session.

The output tells you which display number it started on, most likely ":1". Display :N listens on TCP port 5900+N and, by default, Xvnc binds to every interface. If you only ever reach it through SSH (see below), start it with the -localhost option, which vncserver passes through to Xvnc, so that it only accepts connections from the machine's own loopback interface.

Connecting with Tight VNC Viewer

    $ vncviewer ip.address.of.server:1

":1" is the display number; the viewer turns it into port 5901. To name a port explicitly, separate it with a double colon (host::port). This connection is not encrypted: VNC's own authentication is a DES challenge-response on the 8-character password, and everything after it (screen contents, keystrokes, clipboard) crosses the network in the clear, so use it only on a network you trust and otherwise use the SSH tunnel described below.

e.g. vncviewer

Secure Connection Using SSH

This technique relays a port on the local machine to a port on the remote machine over an encrypted, authenticated SSH session. The VNC viewer runs on the local machine and the VNC server on the remote machine; the SSH tunnel carries everything sent to local port 5902 to port 5901 on the remote machine, so neither the VNC authentication exchange nor the session itself crosses the network unencrypted, and the VNC port does not need to be reachable from outside at all.

Assuming you have SSH set up:

Start the VNC server on the remote machine so that it is running on display :1 (which uses port 5901 by default). If nothing but the tunnel should ever reach it, add the -localhost option so that Xvnc binds to the loopback interface only.

Open two terminals on the local machine. In one start the SSH tunnel with

  • ssh -l userName -L 5902:localhost:5901 remotehost.domain.tld

Note: a Windows VNC server normally serves display :0, so its port defaults to 5900 rather than 5901, and the remote end of the forward changes accordingly.

In the second terminal start the vnc viewer on display :2 (which will use port 5902 by default).

  • vncviewer -fullscreen -encodings "copyrect tight hextile" localhost:2

The local vncviewer thinks it is talking to a VNC server listening on port 5902 of the localhost, and SSH relays all data on port 5902 to the remote server's port 5901. Because vncviewer believes the connection is local, it picks its fast, low-compression local defaults, so you need to specify the JPEG quality and compression level yourself and limit the encodings to the efficient ones for your actual connection. Note also that the 'localhost' in the -L argument is resolved on the remote machine, not the local one, which is why a server started with -localhost still works through the tunnel. The vncviewer(1) man page describes the options more clearly than I can repeat here.

e.g. the default for remote connections is

  • vncviewer -fullscreen -encodings "copyrect tight hextile zlib corre rre raw" localhost:2

or, to really minimise network traffic (e.g. over a dial-up connection):

  • vncviewer -encodings "copyrect tight hextile zlib corre rre raw" -bgr233 -owncmap -compresslevel 9 -quality 0 localhost:2

It is well worth experimenting with various settings. Read the man pages!
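The whole procedure above (start the server on the remote machine, open the tunnel, run the viewer against the local end, tear the tunnel down) wrapped in one POSIX shell script, as an added example that is not part of the original page. It assumes OpenSSH on the local machine (for the -M/-S control socket and ExitOnForwardFailure), TightVNC's vncserver and vncviewer on the respective machines, and a hypothetical target of the form user@remotehost.domain.tld given on the command line. The listener check runs offline against a constructed sample of ss -ltn output embedded in the script; its notion of "exposed" is any port in 5900-5999 bound to something other than the loopback address. The same connect function with displays 0 and 0 gives the 5900:localhost:5900 forward used for a Mac's Screen Sharing in the Back to My Mac section further down.

```shell
#!/bin/sh
# vnc-tunnel.sh - TightVNC over an SSH local port forward (added example).
# Assumes: OpenSSH (ControlMaster), TightVNC vncserver/vncviewer, and a
# remote host reachable as user@remotehost.domain.tld (hypothetical name).
set -eu

# Display :N maps to TCP port 5900+N for both Xvnc and vncviewer.
vnc_port() {
    case "${1:-}" in
        ''|*[!0-9]*) echo "vnc_port: display must be a non-negative integer, got '${1:-}'" >&2; return 1 ;;
    esac
    echo $((5900 + $1))
}

# Forward spec for ssh -L: local display -> remote display, e.g. 2 1 gives
# 5902:localhost:5901. 'localhost' is resolved on the remote side, so the
# server only has to listen on its own loopback interface.
tunnel_spec() {
    echo "$(vnc_port "$1"):localhost:$(vnc_port "$2")"
}

# Read 'ss -ltn' or 'netstat -ltn' output on stdin and print VNC listeners
# (ports 5900-5999) bound to anything other than the loopback address.
exposed_vnc_listeners() {
    awk '$1 == "LISTEN" || $NF == "LISTEN" {
        n = split($4, a, ":"); port = a[n] + 0
        addr = substr($4, 1, length($4) - length(a[n]) - 1)
        if (port >= 5900 && port <= 5999 && addr != "127.0.0.1" && addr != "[::1]") print $4
    }'
}

# Constructed sample of 'ss -ltn' output for the offline check: :1 is exposed
# on all IPv4 interfaces and :3 on all IPv6 interfaces; :2 is loopback-only.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      5      0.0.0.0:5901        0.0.0.0:*
LISTEN 0      5      127.0.0.1:5902      0.0.0.0:*
LISTEN 0      5      [::]:5903           [::]:*
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*'

# Remote side: start display :N bound to loopback only (Xvnc -localhost),
# then list anything VNC-shaped that is still reachable from the network.
start_remote_server() {   # start_remote_server user@host display
    ssh "$1" "vncserver -localhost -geometry 1024x768 :$2"
    ssh "$1" 'ss -ltn 2>/dev/null || netstat -ltn' | exposed_vnc_listeners
}

# Local side: bring up the forward, run the viewer, tear the forward down.
connect() {               # connect user@host remote_display [local_display]
    ctl="${TMPDIR:-/tmp}/vnc-tunnel-$$"
    # -f -N backgrounds ssh once the forward is up; ExitOnForwardFailure turns
    # a port clash into a hard error instead of a viewer connecting to nothing.
    ssh -f -N -M -S "$ctl" -o ExitOnForwardFailure=yes \
        -L "$(tunnel_spec "${3:-2}" "$2")" "$1"
    # The viewer sees 'localhost' and would pick its local defaults, so force
    # the remote-connection encoding list and a compression level.
    vncviewer -encodings "copyrect tight hextile zlib corre rre raw" \
        -compresslevel 6 "localhost:${3:-2}" || true
    ssh -S "$ctl" -O exit "$1"
}

case "${1:-}" in
    start)   start_remote_server "$2" "$3" ;;
    connect) connect "$2" "$3" "${4:-2}" ;;
    check)   exposed_vnc_listeners < "${2:-/dev/stdin}" ;;
esac
```

Run it as ./vnc-tunnel.sh start user@host 1 to start display :1 on the remote machine and see whether any VNC port there is still reachable from the network, then ./vnc-tunnel.sh connect user@host 1 to open the tunnel on local display :2, run the viewer and close the tunnel when the viewer exits; ./vnc-tunnel.sh check listing.txt runs only the exposure check over saved ss or netstat output.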

See also Secure Secure Shell for information on further tightening SSH security.

-- Frank Dean - 23 Aug 2017

Putty Configuration

This sets up a remote (reverse) port forward from the local Windows machine, which runs the VNC server, to the remote machine, which runs the VNC viewer: port 5900 on the remote machine is relayed back through the SSH session to port 5900 on the local machine, so nothing has to be opened towards the Windows machine.

  1. In Putty go to Connection -> SSH -> Tunnels

  2. Leave 'Local ports accept connections from other hosts' unchecked and 'Remote ports do the same (SSH-2 only)' unchecked, so the forwarded port on the remote machine is only reachable from its own loopback interface

  3. Enter the 'Source port' as 5900 and the 'Destination' as localhost:5900

    • 'localhost' here is resolved by Putty, i.e. it is the IP address of the local machine

  4. Select 'Remote' (radio button)

  5. Click 'Add' - the list of forwarded ports should show:

    'R5900   localhost:5900'

Reverse Shell Using Plink

The same remote port forward from the command line with plink, the PuTTY command-line client. Strictly this is a reverse SSH port forward carrying VNC rather than a reverse shell: the VNC server sits on the local Windows machine, and the remote machine reaches it back through the SSH connection that the local machine initiated.

On Local Machine

    c:> cd "c:\Program Files\PuTTY"
    c:> plink -N -R 5900:localhost:5900 USERNAME@

-N stops plink from starting a remote shell; it only holds the forward open.

On Remote Machine

    $ vncviewer localhost

"localhost" here is display :0, i.e. port 5900 on the remote machine's loopback interface, which plink relays back to the VNC server's port 5900 on the local Windows machine.

-- Frank Dean - 29 Jun 2013

Back to My Mac (BTMM)

Back to My Mac is Apple's iCloud-based service for reaching your own Macs across the Internet; the screen sharing it exposes is Apple's Screen Sharing, which speaks the VNC protocol, so you can use vncviewer on another operating system to connect to a Mac that has BTMM enabled, just as you would to connect to any VNC server. (Apple removed Back to My Mac in macOS Mojave and shut the service down in 2019, so the BTMM-specific steps below only apply to older systems; the SSH tunnel works regardless.)

Enabling Back to My Mac is described in iMac desktop help under the Finder help topic 'Use Back to My Mac'. See also OS X El Capitan: Screen sharing overview for more information.

To access a remote machine using BTMM, you can forward port 5900 from the remote machine's router to the internal IP address of the remote machine. This is a poor choice from a security perspective: it exposes the VNC service, whose password is at most 8 characters and whose authentication is a DES challenge-response, to the whole Internet, and the session itself is unencrypted.

You can also share screens between computers that are linked to your iCloud account. OS X El Capitan: Share your screen using Back to My Mac. If your router is configured to allow Universal Plug and Play (UPnP) or the NAT Port Mapping Protocol (NAT-PMP), this should work without you needing to open up ports such as 5900 yourself.

Another option is to set up an SSH tunnel, which is a reasonably secure method provided the software is up to date, SSH authentication uses public/private keys, and the account passwords are strong. This section describes using BTMM over an SSH tunnel.

  1. On the remote server, open System Preferences -> iCloud

  2. In the right-hand list, enable Back to My Mac

  3. On the remote server, open System Preferences -> Sharing

  4. Enable Remote Login to allow SSH access to the machine

  5. Either enable Remote Management or Screen Sharing

  6. Optionally, select Computer Settings... and enable 'VNC viewers may control screen with password:' if you wish to allow access from plain VNC clients as well as BTMM. Enter an appropriate password. It is limited to a maximum of only 8 characters, which is one more reason to keep port 5900 off the Internet.

  7. Find out the Internet facing public IP address of the remote server. Use a search engine with the terms "what is my ip" to discover it. Refer to Wikipedia—Dynamic DNS for information on updating a dynamic DNS server when your IP address changes.

  8. On the local machine, in a terminal window create an SSH tunnel to the remote server, using the Internet facing IP address of your router. This assumes the router forwards the SSH port (22 by default) to the remote server; that is the only port that needs to be reachable from outside, and 5900 stays closed:

    ssh -L 5900:localhost:5900 target.server.ip.or.name
  9. Optionally, enable Back to My Mac on the local machine. This is not strictly necessary to perform screen sharing (via VNC/BTMM), but if it is enabled, the remotely shared server should be displayed under the 'Shared' section of the Finder sidebar, once port 5900 is open to the remote server. You do need to enable it if you wish to use file sharing.

  10. In Finder, type Command-K (%K) or select Go -> Connect to Server... from the Finder menu. Enter the address to connect to as follows:


    If you're using a port other than the default 5900, append the port number to the address separated by a colon, e.g.:

  11. When prompted, enter the username and account password belonging to the remote server you are connecting to.

  12. The Screen Sharing application should now display the remote desktop.

The Screen Sharing application isn't listed in Launchpad. If for some reason you want to run it directly, it's located at:

/System/Library/CoreServices/Applications/Screen Sharing.app/Contents/MacOS/Screen Sharing

-- Frank Dean - 25 Mar 2017

Finding Your BTMM Account Number

Make sure you're signed into iCloud, then run the following command from a terminal window (it keeps listening and printing changes until you stop it with Ctrl-C):

    $ dns-sd -E
    Looking for recommended registration domains:
    DATE: ---Thu 01 Jun 2017---
    13:18:43.094  ...STARTING...
    Timestamp     Recommended Registration domain
    13:18:43.094  Added     (More)               local
    13:18:43.095  Added                          icloud.com
                                                 - > btmm
                                                 - - > members
                                                 - - - > xxxxxxxxxxx

The account number consists of the last entries concatenated in reverse order, e.g. the above example's account number is xxxxxxxxxxx.members.btmm.icloud.com

To connect to one of your BTMM enabled hosts signed into the same iCloud account, you prefix the account number with the host name, in lower-case with spaces replaced with hyphens. e.g my-host.xxxxxxxxxxx.members.btmm.icloud.com.

The hostname command can be used to show the hostname.

    $ hostname

Ping the host with:

    $ ping6 my-host.xxxxxxxxxxx.members.btmm.icloud.com

If SSH is enabled on the host, connect with:

    $ ssh -2 my-host.xxxxxxxxxxx.members.btmm.icloud.com

See Remote SSH using Back To My Mac for more info.
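The name derivation above, scripted, as an added example that is not code from the original page: it captures dns-sd -E for a few seconds (the command never exits by itself), rebuilds the registration domain from the '- >' tree under the icloud.com entry, and forms the host label the same way as the text. The parsing is checked offline against a copy of the listing above with the account number left masked as xxxxxxxxxxx; the stripping of a trailing .local from the hostname output and the fixed capture time are assumptions.

```shell
#!/bin/sh
# btmm-name.sh - derive a Back to My Mac host name from 'dns-sd -E' output
# and 'hostname' (added example, not from the original page).
set -eu

# 'dns-sd -E' runs until killed, so capture its output for a few seconds.
dns_sd_snapshot() {       # dns_sd_snapshot [seconds]
    tmp=$(mktemp)
    dns-sd -E >"$tmp" 2>&1 &
    sleep "${1:-3}"
    kill $! 2>/dev/null || true
    cat "$tmp"; rm -f "$tmp"
}

# Read dns-sd -E output on stdin; rebuild each registration domain by
# prepending the labels of the '- >' tree beneath an 'Added' line, and print
# the one ending in members.btmm.icloud.com (the account domain).
btmm_domain() {
    awk '
        $2 == "Added" { if (d ~ /\.members\.btmm\.icloud\.com$/) print d; d = $NF; next }
        $1 == "-" && d != "" { d = $NF "." d }
        END { if (d ~ /\.members\.btmm\.icloud\.com$/) print d }
    '
}

# Host label: lower-case, spaces to hyphens, a trailing .local dropped
# (assumption: hostname(1) may report the Bonjour name with .local).
btmm_host_label() {
    printf '%s\n' "$1" | sed -e 's/\.local$//' -e 's/ /-/g' | tr 'A-Z' 'a-z'
}

btmm_fqdn() {             # btmm_fqdn "host name" account.domain
    printf '%s.%s\n' "$(btmm_host_label "$1")" "$2"
}

# Constructed copy of the dns-sd -E listing from the text (account id masked).
SAMPLE_DNS_SD='Looking for recommended registration domains:
DATE: ---Thu 01 Jun 2017---
13:18:43.094  ...STARTING...
Timestamp     Recommended Registration domain
13:18:43.094  Added     (More)               local
13:18:43.095  Added                          icloud.com
                                             - > btmm
                                             - - > members
                                             - - - > xxxxxxxxxxx'

case "${1:-}" in
    domain) dns_sd_snapshot | btmm_domain ;;
    fqdn)   btmm_fqdn "$2" "$(dns_sd_snapshot | btmm_domain)" ;;
    ping)   ping6 -c 3 "$(btmm_fqdn "$2" "$(dns_sd_snapshot | btmm_domain)")" ;;
    ssh)    ssh -2 "$(btmm_fqdn "$2" "$(dns_sd_snapshot | btmm_domain)")" ;;
esac
```

./btmm-name.sh domain prints the account domain; ./btmm-name.sh fqdn "My Host" prints my-host.<account>.members.btmm.icloud.com for a Mac named "My Host" on the same iCloud account, and the ping and ssh forms use that name directly.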


Related Topics: ReverseShell, MacOSXTips

-- Frank Dean - 10 Aug 2004