Hi list,
Based on the wiki: http://pve.proxmox.com/wiki/Vnc_2.0#tls_vnc_clients_for and a post from PunjabiMunda90 in the VNC Server Help Greatly Apretiated thread:
... I started experimenting.
Downloaded TigerVNC 1.1.0 Windows x86/32 bit.
On the Proxmox 2.1 web page for the VM, clicked console.
I don't have a Java plugin installed in my browser; an empty browser window popped up.
Connected with TigerVNC to the proxmox host on port 5900.
It complained about unknown certs etc, after clicking next, could authenticate with username: root@pam and the root account's password.
Pressed F8 in VNC screen to get a menu that allows you to send Ctrl-Alt-Del etc
(Note: had first tried TigerVNC 1.2.0 but that crashed when using this F8 popup menu. Had also tried the x64 version of 1.2.0 but that didn't support encryption. Apparently the "VeNCrypt" method within the VNC RFB protocol is used, which supports TLS encryption - and optional X509 cert authentication.)
Tip: when you're too late with your connection (after a timeout), you can press reload in the webpage to get the host listening again.
For convenience's sake, I'll have a look around for the CA certificate and copy it to the TigerVNC directory in the hope it will stop complaining.
All in all, a very nice solution: encrypted remote desktop, no Java needed
Thanks!
Based on the wiki: http://pve.proxmox.com/wiki/Vnc_2.0#tls_vnc_clients_for and a post from PunjabiMunda90 in the VNC Server Help Greatly Apretiated thread:
The reason I wanted to disable the TLS was so I can use an external VNC Client.
I don't mind using the web Client that is already built in. But that only seems to work if we go through the Admin page.
I was using netcat to create a vnc connection:
nc -l -p 5900 -c "qm vncproxy VMID [PASSWORD]"
But could not connect to it because I could not find any java based vnc client that supported the x509 security used by default.
Though that worked fine with tigervnc... I really would like a web based solution.
... I started experimenting.
Downloaded TigerVNC 1.1.0 Windows x86/32 bit.
On the Proxmox 2.1 web page for the VM, clicked console.
I don't have a Java plugin installed in my browser; an empty browser window popped up.
Connected with TigerVNC to the proxmox host on port 5900.
It complained about unknown certs etc, after clicking next, could authenticate with username: root@pam and the root account's password.
Pressed F8 in VNC screen to get a menu that allows you to send Ctrl-Alt-Del etc
(Note: had first tried TigerVNC 1.2.0 but that crashed when using this F8 popup menu. Had also tried the x64 version of 1.2.0 but that didn't support encryption. Apparently the "VeNCrypt" method within the VNC RFB protocol is used, which supports TLS encryption - and optional X509 cert authentication.)
Tip: when you're too late with your connection (after a timeout), you can press reload in the webpage to get the host listening again.
For convenience's sake, I'll have a look around for the CA certificate and copy it to the TigerVNC directory in the hope it will stop complaining.
All in all, a very nice solution: encrypted remote desktop, no Java needed
Thanks!
Last edited: