Vous n'êtes pas identifié(e).
L'icône rouge permet de télécharger chaque page du wiki visitée au format PDF et la grise au format ODT →
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente Prochaine révision Les deux révisions suivantes | ||
doc:reseau:x11vnc [25/03/2019 13:22] Debian Alain [Créer un tunnel ssh :] |
doc:reseau:x11vnc [26/03/2019 03:28] Debian Alain [connexion avec ssl (utilisation manuelle)] |
||
---|---|---|---|
Ligne 65: | Ligne 65: | ||
- | <note tip>de même que la sécurisation par mot de passe , x11vnc permet aussi la sécurisation par (clé) ssl. | + | <note tip>de même que la sécurisation par mot de passe , |
- | pour la sécurisation par clé ssl , j'invite les bonnes volontés à se pencher dessus . | + | il y a possibilité de créer un "tunnel ssh" (voir ci - après et liens) |
- | il y a néamoins possibilité de créer un "tunnel ssh" (voir ci - après et liens) </note> | + | ou de créer une connexion vnc par ssl (ssvnc) .</note> |
+ | |||
+ | <note warning>ATTENTION ! ne confondez pas le mot de passe de vnc et le mot de passe user de votre systeme ! </note> | ||
Ligne 84: | Ligne 86: | ||
en ssh , (sur la machine locale) vers la machine distante : | en ssh , (sur la machine locale) vers la machine distante : | ||
<code user>ssh id_user_distant@ip_distante</code> | <code user>ssh id_user_distant@ip_distante</code> | ||
+ | |||
+ | exemple : | ||
+ | |||
+ | {{/file-Rb1aeab106203e374cbc6b52e65cf4357.png}} | ||
pour plus ample information , voire les liens en bas du document . | pour plus ample information , voire les liens en bas du document . | ||
Ligne 97: | Ligne 103: | ||
on peut aussi la lancer en direct sur le pc distant où est installé le logiciel | on peut aussi la lancer en direct sur le pc distant où est installé le logiciel | ||
- | <code user>x11vnc -many -rfbauth ~/.vnc_passwd</code> | + | <code user>x11vnc -many -rfbauth ~/.vnc/passwd</code> |
+ | |||
+ | <note tip>IMPORTANT ! | ||
+ | |||
+ | on parle bien ici du mot de passe de vnc ! | ||
+ | |||
+ | stocké dans le fichier par défaut "~/.vnc/passwd" de la commande "x11vnc -storepasswd" </note> | ||
+ | |||
+ | <code>alain@debian:~$ x11vnc -many -rfbauth ~/.vnc/passwd | ||
+ | 26/03/2019 03:06:08 passing arg to libvncserver: -rfbauth | ||
+ | 26/03/2019 03:06:08 passing arg to libvncserver: /home/alain/.vnc/passwd | ||
+ | 26/03/2019 03:06:08 x11vnc version: 0.9.13 lastmod: 2011-08-10 pid: 3843 | ||
+ | 26/03/2019 03:06:08 XOpenDisplay("") failed. | ||
+ | 26/03/2019 03:06:08 Trying again with XAUTHLOCALHOSTNAME=localhost ... | ||
+ | 26/03/2019 03:06:08 | ||
+ | 26/03/2019 03:06:08 *** XOpenDisplay failed. No -display or DISPLAY. | ||
+ | 26/03/2019 03:06:08 *** Trying ":0" in 4 seconds. Press Ctrl-C to abort. | ||
+ | 26/03/2019 03:06:08 *** 1 2 3 4 | ||
+ | 26/03/2019 03:06:12 *** XOpenDisplay of ":0" successful. | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 Using X display :0 | ||
+ | 26/03/2019 03:06:12 rootwin: 0x280 reswin: 0x800001 dpy: 0x24ad6c20 | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 ------------------ USEFUL INFORMATION ------------------ | ||
+ | 26/03/2019 03:06:12 X DAMAGE available on display, using it for polling hints. | ||
+ | 26/03/2019 03:06:12 To disable this behavior use: '-noxdamage' | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 Most compositing window managers like 'compiz' or 'beryl' | ||
+ | 26/03/2019 03:06:12 cause X DAMAGE to fail, and so you may not see any screen | ||
+ | 26/03/2019 03:06:12 updates via VNC. Either disable 'compiz' (recommended) or | ||
+ | 26/03/2019 03:06:12 supply the x11vnc '-noxdamage' command line option. | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 Wireframing: -wireframe mode is in effect for window moves. | ||
+ | 26/03/2019 03:06:12 If this yields undesired behavior (poor response, painting | ||
+ | 26/03/2019 03:06:12 errors, etc) it may be disabled: | ||
+ | 26/03/2019 03:06:12 - use '-nowf' to disable wireframing completely. | ||
+ | 26/03/2019 03:06:12 - use '-nowcr' to disable the Copy Rectangle after the | ||
+ | 26/03/2019 03:06:12 moved window is released in the new position. | ||
+ | 26/03/2019 03:06:12 Also see the -help entry for tuning parameters. | ||
+ | 26/03/2019 03:06:12 You can press 3 Alt_L's (Left "Alt" key) in a row to | ||
+ | 26/03/2019 03:06:12 repaint the screen, also see the -fixscreen option for | ||
+ | 26/03/2019 03:06:12 periodic repaints. | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 XFIXES available on display, resetting cursor mode | ||
+ | 26/03/2019 03:06:12 to: '-cursor most'. | ||
+ | 26/03/2019 03:06:12 to disable this behavior use: '-cursor arrow' | ||
+ | 26/03/2019 03:06:12 or '-noxfixes'. | ||
+ | 26/03/2019 03:06:12 using XFIXES for cursor drawing. | ||
+ | 26/03/2019 03:06:12 GrabServer control via XTEST. | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 Scroll Detection: -scrollcopyrect mode is in effect to | ||
+ | 26/03/2019 03:06:12 use RECORD extension to try to detect scrolling windows | ||
+ | 26/03/2019 03:06:12 (induced by either user keystroke or mouse input). | ||
+ | 26/03/2019 03:06:12 If this yields undesired behavior (poor response, painting | ||
+ | 26/03/2019 03:06:12 errors, etc) it may be disabled via: '-noscr' | ||
+ | 26/03/2019 03:06:12 Also see the -help entry for tuning parameters. | ||
+ | 26/03/2019 03:06:12 You can press 3 Alt_L's (Left "Alt" key) in a row to | ||
+ | 26/03/2019 03:06:12 repaint the screen, also see the -fixscreen option for | ||
+ | 26/03/2019 03:06:12 periodic repaints. | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 XKEYBOARD: number of keysyms per keycode 7 is greater | ||
+ | 26/03/2019 03:06:12 than 4 and 51 keysyms are mapped above 4. | ||
+ | 26/03/2019 03:06:12 Automatically switching to -xkb mode. | ||
+ | 26/03/2019 03:06:12 If this makes the key mapping worse you can | ||
+ | 26/03/2019 03:06:12 disable it with the "-noxkb" option. | ||
+ | 26/03/2019 03:06:12 Also, remember "-remap DEAD" for accenting characters. | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 X FBPM extension not supported. | ||
+ | 26/03/2019 03:06:12 X display is capable of DPMS. | ||
+ | 26/03/2019 03:06:12 -------------------------------------------------------- | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 Default visual ID: 0x21 | ||
+ | 26/03/2019 03:06:12 Read initial data from X display into framebuffer. | ||
+ | 26/03/2019 03:06:12 initialize_screen: fb_depth/fb_bpp/fb_Bpl 24/32/4608 | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 X display :0 is 32bpp depth=24 true color | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 Autoprobing TCP port | ||
+ | 26/03/2019 03:06:12 Autoprobing selected TCP port 5900 | ||
+ | 26/03/2019 03:06:12 Autoprobing TCP6 port | ||
+ | 26/03/2019 03:06:12 Autoprobing selected TCP6 port 5900 | ||
+ | 26/03/2019 03:06:12 listen6: bind: Address already in use | ||
+ | 26/03/2019 03:06:12 Not listening on IPv6 interface. | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 Xinerama is present and active (e.g. multi-head). | ||
+ | 26/03/2019 03:06:12 Xinerama: number of sub-screens: 1 | ||
+ | 26/03/2019 03:06:12 Xinerama: no blackouts needed (only one sub-screen) | ||
+ | 26/03/2019 03:06:12 | ||
+ | 26/03/2019 03:06:12 fb read rate: 2137 MB/sec | ||
+ | 26/03/2019 03:06:12 fast read: reset -wait ms to: 10 | ||
+ | 26/03/2019 03:06:12 fast read: reset -defer ms to: 10 | ||
+ | 26/03/2019 03:06:12 The X server says there are 10 mouse buttons. | ||
+ | 26/03/2019 03:06:12 screen setup finished. | ||
+ | 26/03/2019 03:06:12 | ||
+ | |||
+ | The VNC desktop is: debian:0 | ||
+ | PORT=5900 | ||
+ | |||
+ | ****************************************************************************** | ||
+ | Have you tried the x11vnc '-ncache' VNC client-side pixel caching feature yet? | ||
+ | |||
+ | The scheme stores pixel data offscreen on the VNC viewer side for faster | ||
+ | retrieval. It should work with any VNC viewer. Try it by running: | ||
+ | |||
+ | x11vnc -ncache 10 ... | ||
+ | |||
+ | One can also add -ncache_cr for smooth 'copyrect' window motion. | ||
+ | More info: http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching | ||
+ | </code> | ||
===== Créer un tunnel ssh : ===== | ===== Créer un tunnel ssh : ===== | ||
Ligne 148: | Ligne 262: | ||
exit 0 | exit 0 | ||
EOF</code> | EOF</code> | ||
+ | |||
n'oubliez pas les droits : | n'oubliez pas les droits : | ||
Ligne 165: | Ligne 280: | ||
<note tip>vous pouvez éditer le script avec nano (voir plus amples infos dans les notes de bas de page)</note> | <note tip>vous pouvez éditer le script avec nano (voir plus amples infos dans les notes de bas de page)</note> | ||
+ | |||
+ | <note important>on parle , ici , de la connexion au systeme (en ssh) , donc , du mot de passe systeme (user) </note> | ||
+ | |||
+ | écran : | ||
+ | |||
+ | <code>alain@Alain-PC:~$ ssh -f -L 5900:localhost:5900 alain@192.168.1.32 "x11vnc -safer -localhost -nopw -once -display :0"; vncviewer localhost:5900 | ||
+ | alain@192.168.1.32's password: | ||
+ | bind [127.0.0.1]:5900: Address already in use | ||
+ | channel_setup_fwd_listener_tcpip: cannot listen to port: 5900 | ||
+ | Could not request local forwarding. | ||
+ | |||
+ | TigerVNC Viewer 64-bit v1.9.0 | ||
+ | Built on: 2018-12-01 21:51 | ||
+ | Copyright (C) 1999-2018 TigerVNC Team and many others (see README.rst) | ||
+ | See http://www.tigervnc.org for information on TigerVNC. | ||
+ | |||
+ | Tue Mar 26 03:17:13 2019 | ||
+ | DecodeManager: Detected 16 CPU core(s) | ||
+ | DecodeManager: Creating 4 decoder thread(s) | ||
+ | CConn: connected to host localhost port 5900 | ||
+ | 26/03/2019 03:17:13 -safer mode: | ||
+ | 26/03/2019 03:17:13 vnc_connect=0 | ||
+ | 26/03/2019 03:17:13 accept_remote_cmds=0 | ||
+ | 26/03/2019 03:17:13 safe_remote_only=1 | ||
+ | 26/03/2019 03:17:13 launch_gui=0 | ||
+ | 26/03/2019 03:17:13 x11vnc version: 0.9.13 lastmod: 2011-08-10 pid: 4062 | ||
+ | 26/03/2019 03:17:13 Using X display :0 | ||
+ | 26/03/2019 03:17:13 rootwin: 0x280 reswin: 0x8800001 dpy: 0xbbf2dcb0 | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 ------------------ USEFUL INFORMATION ------------------ | ||
+ | 26/03/2019 03:17:13 Got connection from client ::1 | ||
+ | 26/03/2019 03:17:13 other clients: | ||
+ | 26/03/2019 03:17:13 X DAMAGE available on display, using it for polling hints. | ||
+ | 26/03/2019 03:17:13 To disable this behavior use: '-noxdamage' | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 Most compositing window managers like 'compiz' or 'beryl' | ||
+ | 26/03/2019 03:17:13 cause X DAMAGE to fail, and so you may not see any screen | ||
+ | 26/03/2019 03:17:13 updates via VNC. Either disable 'compiz' (recommended) or | ||
+ | 26/03/2019 03:17:13 supply the x11vnc '-noxdamage' command line option. | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 Wireframing: -wireframe mode is in effect for window moves. | ||
+ | 26/03/2019 03:17:13 If this yields undesired behavior (poor response, painting | ||
+ | 26/03/2019 03:17:13 errors, etc) it may be disabled: | ||
+ | 26/03/2019 03:17:13 - use '-nowf' to disable wireframing completely. | ||
+ | 26/03/2019 03:17:13 - use '-nowcr' to disable the Copy Rectangle after the | ||
+ | 26/03/2019 03:17:13 moved window is released in the new position. | ||
+ | 26/03/2019 03:17:13 Also see the -help entry for tuning parameters. | ||
+ | 26/03/2019 03:17:13 You can press 3 Alt_L's (Left "Alt" key) in a row to | ||
+ | 26/03/2019 03:17:13 repaint the screen, also see the -fixscreen option for | ||
+ | 26/03/2019 03:17:13 periodic repaints. | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 XFIXES available on display, resetting cursor mode | ||
+ | 26/03/2019 03:17:13 to: '-cursor most'. | ||
+ | 26/03/2019 03:17:13 to disable this behavior use: '-cursor arrow' | ||
+ | 26/03/2019 03:17:13 or '-noxfixes'. | ||
+ | 26/03/2019 03:17:13 using XFIXES for cursor drawing. | ||
+ | 26/03/2019 03:17:13 GrabServer control via XTEST. | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 Scroll Detection: -scrollcopyrect mode is in effect to | ||
+ | 26/03/2019 03:17:13 use RECORD extension to try to detect scrolling windows | ||
+ | 26/03/2019 03:17:13 (induced by either user keystroke or mouse input). | ||
+ | 26/03/2019 03:17:13 If this yields undesired behavior (poor response, painting | ||
+ | 26/03/2019 03:17:13 errors, etc) it may be disabled via: '-noscr' | ||
+ | 26/03/2019 03:17:13 Also see the -help entry for tuning parameters. | ||
+ | 26/03/2019 03:17:13 You can press 3 Alt_L's (Left "Alt" key) in a row to | ||
+ | 26/03/2019 03:17:13 repaint the screen, also see the -fixscreen option for | ||
+ | 26/03/2019 03:17:13 periodic repaints. | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 XKEYBOARD: number of keysyms per keycode 7 is greater | ||
+ | 26/03/2019 03:17:13 than 4 and 51 keysyms are mapped above 4. | ||
+ | 26/03/2019 03:17:13 Automatically switching to -xkb mode. | ||
+ | 26/03/2019 03:17:13 If this makes the key mapping worse you can | ||
+ | 26/03/2019 03:17:13 disable it with the "-noxkb" option. | ||
+ | 26/03/2019 03:17:13 Also, remember "-remap DEAD" for accenting characters. | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 X FBPM extension not supported. | ||
+ | 26/03/2019 03:17:13 X display is capable of DPMS. | ||
+ | 26/03/2019 03:17:13 -------------------------------------------------------- | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 Default visual ID: 0x21 | ||
+ | 26/03/2019 03:17:13 Read initial data from X display into framebuffer. | ||
+ | 26/03/2019 03:17:13 initialize_screen: fb_depth/fb_bpp/fb_Bpl 24/32/4608 | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 X display :0 is 32bpp depth=24 true color | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 Autoprobing TCP port | ||
+ | 26/03/2019 03:17:13 Autoprobing selected TCP port 5907 | ||
+ | 26/03/2019 03:17:13 Autoprobing TCP6 port | ||
+ | 26/03/2019 03:17:13 rfbListenOnTCP6Port: error in bind IPv6 socket: Address already in use | ||
+ | 26/03/2019 03:17:13 rfbListenOnTCP6Port: error in bind IPv6 socket: Address already in use | ||
+ | 26/03/2019 03:17:13 rfbListenOnTCP6Port: error in bind IPv6 socket: Address already in use | ||
+ | 26/03/2019 03:17:13 rfbListenOnTCP6Port: error in bind IPv6 socket: Address already in use | ||
+ | 26/03/2019 03:17:13 rfbListenOnTCP6Port: error in bind IPv6 socket: Address already in use | ||
+ | 26/03/2019 03:17:13 rfbListenOnTCP6Port: error in bind IPv6 socket: Address already in use | ||
+ | 26/03/2019 03:17:13 rfbListenOnTCP6Port: error in bind IPv6 socket: Address already in use | ||
+ | 26/03/2019 03:17:13 Autoprobing selected TCP6 port 5907 | ||
+ | 26/03/2019 03:17:13 listen6: bind: Address already in use | ||
+ | 26/03/2019 03:17:13 Not listening on IPv6 interface. | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 Xinerama is present and active (e.g. multi-head). | ||
+ | 26/03/2019 03:17:13 Xinerama: number of sub-screens: 1 | ||
+ | 26/03/2019 03:17:13 Xinerama: no blackouts needed (only one sub-screen) | ||
+ | 26/03/2019 03:17:13 | ||
+ | 26/03/2019 03:17:13 fb read rate: 1456 MB/sec | ||
+ | 26/03/2019 03:17:13 fast read: reset -wait ms to: 10 | ||
+ | 26/03/2019 03:17:13 fast read: reset -defer ms to: 10 | ||
+ | 26/03/2019 03:17:13 The X server says there are 10 mouse buttons. | ||
+ | 26/03/2019 03:17:13 screen setup finished. | ||
+ | 26/03/2019 03:17:13 | ||
+ | |||
+ | The VNC desktop is: localhost:7 | ||
+ | PORT=5907 | ||
+ | |||
+ | ****************************************************************************** | ||
+ | Have you tried the x11vnc '-ncache' VNC client-side pixel caching feature yet? | ||
+ | |||
+ | The scheme stores pixel data offscreen on the VNC viewer side for faster | ||
+ | retrieval. It should work with any VNC viewer. Try it by running: | ||
+ | |||
+ | x11vnc -ncache 10 ... | ||
+ | |||
+ | One can also add -ncache_cr for smooth 'copyrect' window motion. | ||
+ | More info: http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching | ||
+ | |||
+ | 26/03/2019 03:17:13 Normal socket connection | ||
+ | 26/03/2019 03:17:13 check_access: client addr ::1 is local. | ||
+ | CConnection: Server supports RFB protocol version 3.8 | ||
+ | CConnection: Using RFB protocol version 3.8 | ||
+ | 26/03/2019 03:17:13 Disabled X server key autorepeat. | ||
+ | 26/03/2019 03:17:13 to force back on run: 'xset r on' (3 times) | ||
+ | 26/03/2019 03:17:13 incr accepted_client=1 for ::1:38416 sock=11 | ||
+ | CConnection: Choosing security type None(1) | ||
+ | 26/03/2019 03:17:13 Client Protocol Version 3.8 | ||
+ | 26/03/2019 03:17:13 Protocol version sent 3.8, using 3.8 | ||
+ | 26/03/2019 03:17:13 rfbProcessClientSecurityType: executing handler for type 1 | ||
+ | 26/03/2019 03:17:13 rfbProcessClientSecurityType: returning securityResult for client rfb version >= 3.8 | ||
+ | CConn: Using pixel format depth 24 (32bpp) little-endian rgb888 | ||
+ | CConn: Using Tight encoding | ||
+ | 26/03/2019 03:17:13 Pixel format for client ::1: | ||
+ | 26/03/2019 03:17:13 32 bpp, depth 24, little endian | ||
+ | 26/03/2019 03:17:13 true colour: max r 255 g 255 b 255, shift r 16 g 8 b 0 | ||
+ | 26/03/2019 03:17:13 no translation needed | ||
+ | 26/03/2019 03:17:13 rfbProcessClientNormalMessage: ignoring unsupported encoding type Enc(0xFFFFFEC6) | ||
+ | 26/03/2019 03:17:13 Enabling full-color cursor updates for client ::1 | ||
+ | 26/03/2019 03:17:13 Enabling X-style cursor updates for client ::1 | ||
+ | 26/03/2019 03:17:13 Enabling NewFBSize protocol extension for client ::1 | ||
+ | 26/03/2019 03:17:13 rfbProcessClientNormalMessage: ignoring unsupported encoding type Enc(0xFFFFFECC) | ||
+ | 26/03/2019 03:17:13 rfbProcessClientNormalMessage: ignoring unsupported encoding type Enc(0xFFFFFECD) | ||
+ | 26/03/2019 03:17:13 rfbProcessClientNormalMessage: ignoring unsupported encoding type Enc(0xFFFFFEFB) | ||
+ | 26/03/2019 03:17:13 Enabling LastRect protocol extension for client ::1 | ||
+ | 26/03/2019 03:17:13 rfbProcessClientNormalMessage: ignoring unsupported encoding type Enc(0xFFFFFEC7) | ||
+ | 26/03/2019 03:17:13 rfbProcessClientNormalMessage: ignoring unsupported encoding type Enc(0xFFFFFEC8) | ||
+ | 26/03/2019 03:17:13 rfbProcessClientNormalMessage: ignoring unsupported encoding type Enc(0xFFFFFEFE) | ||
+ | 26/03/2019 03:17:13 Using image quality level 8 for client ::1 | ||
+ | 26/03/2019 03:17:13 Using JPEG subsampling 0, Q92 for client ::1 | ||
+ | 26/03/2019 03:17:13 Using tight encoding for client ::1 | ||
+ | 26/03/2019 03:17:13 client useCopyRect: ::1 -1 | ||
+ | 26/03/2019 03:17:13 client_set_net: ::1 0.0000 | ||
+ | 26/03/2019 03:17:13 created xdamage object: 0x800028 | ||
+ | 26/03/2019 03:17:14 copy_tiles: allocating first_line at size 37 | ||
+ | 26/03/2019 03:17:22 created selwin: 0x800029 | ||
+ | 26/03/2019 03:17:22 called initialize_xfixes() | ||
+ | |||
+ | </code> | ||
+ | |||
+ | |||
+ | ===== connexion avec ssl (préambule) ===== | ||
+ | <note tip>SSVNC est un client ssl - vnc dérivé de tightvnc . il gère aussi le ssh ainsi que le ssl + ssh . | ||
+ | |||
+ | je ne parle pas de ces deux options annexes ici , je ne me suis pas penché dessus . | ||
+ | |||
+ | mais libre à vous . vous pourrez ainsi développer ce tuto . </note> | ||
+ | installer ssvnc en local | ||
+ | <code root>apt install ssvnc </code> | ||
+ | |||
+ | on crée le dossier /.vnc/certs/accepted/ | ||
+ | |||
+ | avant de le créer , vérifier , avec tree , s'il n'existe pas déjà : | ||
+ | |||
+ | auquel cas , l'étape de création est inutile . | ||
+ | <code user>tree ~/.vnc/</code> | ||
+ | <code root>mkdir ~/.vnc/certs/ | ||
+ | |||
+ | mkdir ~/.vnc/certs/accepted/</code> | ||
+ | |||
+ | en ssh , on se connecte à la machine distante : | ||
+ | <code user>ssh <user_distant>@<ip_distant></code> | ||
+ | <note tip>ici , il est question du mot de passe systeme (en cas de besoin)</note> | ||
+ | |||
+ | on initialise la connexion :<code user>x11vnc -ssl SAVE-key</code> | ||
+ | après avoir rentré la passphrase , qu'on note sur un carnet de peur de l'oublier , | ||
+ | <note tip>ICI , il est question du mot de passe ssl (de la passphrase)</note> | ||
+ | |||
+ | on va copier la clé depuis le serveur vers le client : | ||
+ | <code user>scp -r -p ~/.vnc/certs/server-key.crt id_locale@ip_locale:~/.vnc/certs/accepted/server-key.crt</code> | ||
+ | |||
+ | ===== connexion avec ssl (utilisation manuelle) ===== | ||
+ | |||
+ | relancer x11vnc en ssh | ||
+ | <code user>x11vnc -ssl SAVE-key -forever</code> | ||
+ | <note important>rentrer la passphrase que l'on a noté (pour ne pas l'oublier).</note> | ||
+ | |||
+ | on ne ferme pas la console distante (ssh) et | ||
+ | |||
+ | on ouvre une console locale : | ||
+ | <code user>ssvnc</code> | ||
+ | puis rentrer comme demandé l'adresse de l'hôte : | ||
+ | |||
+ | ici , le pc distant . | ||
+ | |||
+ | et le mot de passe du pc distant . | ||
+ | |||
+ | ne pas rentrer de proxy . | ||
+ | |||
+ | dans le cas présent , c'est inutile . | ||
+ | |||
+ | laisser les réglages par défaut et | ||
+ | |||
+ | cliquer sur connexion . | ||
+ | |||
+ | ssvnc demandera confirmation pour le certificat (la 1ere fois) et | ||
+ | |||
+ | lancera vncviewer en ssl . | ||
+ | |||
+ | voilà ! | ||
+ | |||
+ | |||
+ | ===== Connexion à ssl : écrans types ssvnc ===== | ||
+ | |||
+ | graphiques : | ||
+ | |||
+ | [[https://framapic.org/x0dKtkbTpsLt/tqwCRehZfb7A.png|image de départ ssvnc]] | ||
+ | |||
+ | {{/file-Rd6be60172f02d1b2e7df6e3512487a07.png}} | ||
+ | |||
+ | [[https://framapic.org/X5prRZWcqSMO/l6vydxBIqKfp.png|ssvnc menu "options"]] | ||
+ | |||
+ | {{/file-Rdf464b8746bb16476ae7809343488537.png}} | ||
+ | |||
+ | [[https://framapic.org/f23Yib5HdyrH/Jruvs251FvjB.png|écran d'accueil ssvnc ]] | ||
+ | |||
+ | {{/file-R9d27116ce2291bd78762aa6219fcf447.png}} | ||
+ | |||
+ | [[https://framapic.org/Se130C7M5qIg/7mZedNZ5tv6y.png|demande confirmation mot de passe systeme (ssh) ]] | ||
+ | |||
+ | {{/file-Rf860ee84ba032ac7a132c3b8f11073e3.png}} | ||
+ | |||
+ | [[https://framapic.org/rusasqK1MmPN/fQD8vsoVybFV.png|résultat par exemple (ssvnc d'une V.M. à l'origine)]] | ||
+ | |||
+ | {{/file-R1482911941c8b0f10ea1a1670a63d5fc.png}} | ||
+ | |||
+ | |||
+ | |||
+ | |||
Ligne 185: | Ligne 554: | ||
on peut faire ceci : | on peut faire ceci : | ||
- | ce n'est pas une solution universelle . il faut parfois l'adapter . | + | <note warning>ce n'est pas une solution universelle . il faut parfois l'adapter .</note> |
<code root>cat > /etc/systemd/system/x11vnc.service <<EOF | <code root>cat > /etc/systemd/system/x11vnc.service <<EOF | ||
Ligne 202: | Ligne 571: | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
EOF</code> | EOF</code> | ||
+ | |||
+ | N.B.: remplacer <code>/path/.vncpasswd</code> par l'adresse du fichier de mot de passe . | ||
+ | |||
+ | ici (dans ce tuto): <code>/home/<user>/.vnc/passwd</code> | ||
+ | |||
+ | par exemple : <code>/home/switch/.vnc/passwd</code> | ||
on attribue les bons droits au fichier : | on attribue les bons droits au fichier : | ||
Ligne 226: | Ligne 601: | ||
===== Astuces :) ===== | ===== Astuces :) ===== | ||
Lancer un serveur vnc à distance , puis s'y connecter de chez vous, en une commande grâce à ssh : | Lancer un serveur vnc à distance , puis s'y connecter de chez vous, en une commande grâce à ssh : | ||
+ | il s'agit d'un "tunnel ssh" . | ||
+ | |||
<code user>ssh -f -L 5900:localhost:5900 your.ssh.server "x11vnc -safer -localhost -nopw -once -display :0"; vinagre localhost:5900</code> | <code user>ssh -f -L 5900:localhost:5900 your.ssh.server "x11vnc -safer -localhost -nopw -once -display :0"; vinagre localhost:5900</code> | ||
+ | |||
+ | dans le cas présent , vous pouvez remplacer "vinagre" par "vncviewer" . | ||
+ | |||
+ | ce qui donne : | ||
+ | <code user>ssh -f -L 5900:localhost:5900 your.ssh.server "x11vnc -safer -localhost -nopw -once -display :0"; vncviewer localhost:5900</code> | ||
+ | |||
+ | pareil : s'il est un peu capricieux , n'hésitez pas à le relancer plusiers fois de suite (2 ou 3 fois suffiront , normalement) | ||
Ligne 253: | Ligne 637: | ||
<code>adaptez /home/switch/ à votre configuration . | <code>adaptez /home/switch/ à votre configuration . | ||
normalement /home/<utilisateur>/</code> | normalement /home/<utilisateur>/</code> | ||
+ | |||
+ | avec un tunnel ssh , on peut obtenir ceci : | ||
+ | <code user>nano .bash_aliases</code> | ||
+ | <code user>alias tunnelssh='ssh -f -L 5900:localhost:5900 your.ssh.server "x11vnc -safer -localhost -nopw -once -display :0"; vncviewer localhost:5900'</code> | ||
+ | |||
+ | |||
je ne sais plus s'il faut redémarrer la session ou le pc après la création d'un alias . | je ne sais plus s'il faut redémarrer la session ou le pc après la création d'un alias . | ||
Ligne 261: | Ligne 651: | ||
- | ===== culture générale ===== | + | ===== culture générale <biliographies> ===== |
- | à lire , avant tout : | + | lectures utiles à compulser librement ou en cas de curiosité : |
x11vnc : | x11vnc : | ||
Ligne 276: | Ligne 666: | ||
[[https://forum-francophone-linuxmint.fr/viewtopic.php?f=22&t=12697#p145523 | linux mint perso ]] | [[https://forum-francophone-linuxmint.fr/viewtopic.php?f=22&t=12697#p145523 | linux mint perso ]] | ||
- | [[http://www.karlrunge.com/x11vnc/ | karlrunge ]] | + | [[http://www.karlrunge.com/x11vnc/ | karlrunge (eng.)]] |
+ | |||
+ | [[https://www.mankier.com/1/x11vnc | x11vnc : commandes (eng.) ]] | ||
+ | |||
+ | Site généraliste très intéressant (ssh , vnc , ssvnc , ...) : | ||
+ | |||
+ | [[https://pronflette.developpez.com/tutoriels/controle-distance/]] | ||
+ | |||
+ | vnc : | ||
+ | |||
+ | [[https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-vnc-on-debian-9 | install and configure vnc (eng.) ]] | ||
tigervnc : | tigervnc : | ||
Ligne 300: | Ligne 700: | ||
[[http://mad-b.net/docs/linux-vncssh.html | vnc : accès par tunnel ssh ]] | [[http://mad-b.net/docs/linux-vncssh.html | vnc : accès par tunnel ssh ]] | ||
- | [[https://superuser.com/questions/1270767/ssh-tunnel-and-vnc | super user : tunel ssh ]] | + | [[https://superuser.com/questions/1270767/ssh-tunnel-and-vnc | super user : tunel ssh (eng.) ]] |
+ | |||
+ | ssl : | ||
+ | |||
+ | [[http://www.karlrunge.com/x11vnc/ssl.html | ssl x11vnc (eng.)]] | ||
+ | |||
+ | [[http://ssvnc.sourceforge.net/ | ssl visualisation en graphique ]] | ||
+ | |||
+ | [[http://www.sebsauvage.net/comprendre/ssl/ | explications sur ssl ]] | ||
nano : | nano : | ||
Ligne 306: | Ligne 714: | ||
[[https://debian-facile.org/doc:editeurs:nano | petit mode d'emploi de nano ]] | [[https://debian-facile.org/doc:editeurs:nano | petit mode d'emploi de nano ]] | ||
+ | ssvnc : | ||
+ | |||
+ | [[http://www.karlrunge.com/x11vnc/ssvnc.html | site officiel ssvnc (eng.)]] | ||
+ | |||
+ | [[https://sourceforge.net/projects/ssvnc/ | sourceforge ssvnc (eng.)]] | ||