Vnc 2.0
From Proxmox VE
Contents |
vnc for Proxmox 2.0
this page is a quick writeup on how to use vnc in 2.0
AFAIK , Proxmox 2.0 seems to be a lot more secure in its use of vnc, and requires clients to use tls .
Secure connections are a very good thing , trying to disable them so non secure clients work is not smart. However there are not many tls enabled clients. My guess is that there will be . I suggest helping out by filing bug reports for non tls clients you use, and help the developer by testing their changes.
With changes in Java due to security fixes, web based vnc access is hit or miss.
Vnc client access to a kvm used by multiple people can help keep the Proxmox host more secure as fewer people will have access to Proxmox-VE .
Note to Ubuntu users
I came to this page since web console wasn't working for me under ubuntu 11.10 and firefox. Problem was OpenJDK. I've installed Sun's JRE and sun-java6-plugin (as appointed by tom in the Proxmox VE 2.0 Forums) and now everything is working fine WITHOUT the setup described on this page. You can find several procedures to achieve this on Google or any other search engine.
shell script to update-sun-jre
- check http://www.duinsoft.nl/packages.php?t=en , there is a shell script and a repository which make the installation of the Oracle (Sun) Java Runtime Environment very easy. I used it on Ubuntu, but it look like it'll work on any Debian based system.
On that link there is information about the java changes that occurred in August 2011.
configure Proxmox host
- this configures the host to accept vnc connections.
aptitude install openbsd-inetd
run this to get your kvm id's :
qm list
root@homenet-home10 /etc # qm list
VMID NAME STATUS MEM(MB) BOOTDISK(GB) PID
101 freenas stopped 1024 32.00 0
102 debpbx running 512 0.00 573304
105 winxp stopped 512 15.01 0
7012 ltsp-ldap-openfire-KVM running 512 9.00 495870
7016 fbc16-kvm running 512 8.00 462697
7159 win7 stopped 2048 0.00 0
27014 ltsp-term-KVM stopped 512 0.00 0
edit /etc/inetd.conf , put a port for each kvm you want to access using kvm
#port kvm 59055 stream tcp nowait root /usr/sbin/qm qm vncproxy 105 59058 stream tcp nowait root /usr/sbin/qm qm vncproxy 7159
restart openbsd-inetd
/etc/init.d/openbsd-inetd restart
test/debug host set up
this shows a working set up:
telnet home10 59058 # home10 is the hostname of my prox 2.0 test server. Trying 192.168.1.10... Connected to home10.fantinibakery.com. Escape character is '^]'. RFB 003.008
to exit press these 2 keys: control and ]
then type exit to quit that.
firewall portforward
to access the kvm's off site, you'll need to forward the ports in your router/firewall for off site access.
here is an example using pfsense : 
and dd-wrt: _-_Port_Range_Forwarding_2011-12-29_21-59-48.png)
connect to a kvm using tigervnc from cli
- download from : http://sourceforge.net/apps/mediawiki/tigervnc/index.php?title=Welcome_to_TigerVNC . version 1.1.0 supports tls, 1.0.90 may not. Use a stable version.
- install
cd / tar xf <downloaded file>
- installed folder should be
/opt/TigerVNC
- open a terminal from linux gui.
- username will be
root@pam
password = root password for prox2.0 host
/opt/TigerVNC/bin/vncviewer home10:59058
issues
- tigervnc: control keys do not work. try nano , ctl + x .
- so do not enter ping w/o a -c
ping google.com # bad
ping -c 5 google.com
other vnc clients to check
winswitch looks promising . see http://winswitch.org/about/ . the version I used on 11/2011 did not have tls support , but there have been a few updates since then.
tls vnc clients for
Debian Squeeze
- none that I know of work using apt to install. Hopefully there will be some in backports.
- remmina does not work.
Ubuntu LTS
- none 2011-12
- remmina does not work in Ubuntu 12.04 LTS (Precise Pangolin) as of 2012-02-06.
Windows
- Worked
- TigerVNC
- Not worked
- RealVNC, TightVNC and stuff.
Mac
- Worked
- TigerVNC
- Not worked
- JollysFastVNC, Screens, RealVNC Viewer and stuff.
iOS
Noting works. Even the RealVNC viewer doesn't work.
