VNC Client Access: Difference between revisions

From Proxmox VE
Jump to navigation Jump to search
No edit summary
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
= Standard Console Access =
= Standard Console Access =


By default, PVE provides access to VMs via [https://novnc.com/info.html noVNC] and/or [https://www.spice-space.org SPICE]. It is recommended to use these whenever possible. However, if you need to have browser independent access, it is possible to use an external VNC client such as RealVNC, TightVNC, Remmina etc. as well.
By default, PVE provides access to VMs via [https://novnc.com/info.html noVNC] and/or [https://www.spice-space.org SPICE]. It is recommended to use these whenever possible. However, if you need to have browser independent access, it is possible to use an external VNC client such as RealVNC, TightVNC, and Remmina as well.


== Configure VNC Access in the Configuration File ==
== Configure VNC Access in the Configuration File ==
Line 13: Line 13:
  args: -vnc 0.0.0.0:77,password=on
  args: -vnc 0.0.0.0:77,password=on


instead. See below on how to set the password.
See below on how to set the password.


The display number can be freely chosen, but each number must occur only once. The VNC service then listens at port 5900+display_number. Note that connections via noVNC use display number 0 and following, therefore it is recommended to use higher numbers in order to avoid conflicts.
The display number can be freely chosen, but each number must occur only once. The VNC service then listens at port 5900+display_number. Note that connections via noVNC use display number 0 and following, therefore it is recommended to use higher numbers in order to avoid conflicts.
Line 21: Line 21:
== Set a Password for VNC Access ==
== Set a Password for VNC Access ==


If you have enabled the ''password=on'' option above, you will not be able to connect until you set a password. This has to be done after the VM was started.
'''NOTE:''' This requires at least QEMU 6.1, as there was a bug in the preceding versions which prevented the setting of a password.
 
If you have enabled the ''password=on'' option above, you will not be able to connect until you set a password. This must be done after the VM has started.


Go to the VM's 'Monitor' panel in the web interface, or otherwise open an HMP connection. Then, use the following command:
Go to the VM's 'Monitor' panel in the web interface, or otherwise open an HMP connection. Then, use the following command:
Line 29: Line 31:
When connecting via an external VNC client, it will now ask for the password "foobar1". The maximum length for VNC passwords is 8 characters.
When connecting via an external VNC client, it will now ask for the password "foobar1". The maximum length for VNC passwords is 8 characters.


The password is not persistent, i.e. after the VM has been restarted, the above command has to be repeated in order to set the password again.
The password is not persistent, meaning that after the VM has been restarted, the above command must be repeated in order to set the password again.


Optionally, you may also choose to expire the password. Use the following command:
Optionally, you may also choose to expire the password. Use the following command:
Line 35: Line 37:
   expire_password vnc +600 -d vnc2
   expire_password vnc +600 -d vnc2


In this case, the password would be valid for another 10 minutes (600 seconds) after the command is sent. Already logged in clients will not be disconnected.
In this case, the password would be valid for an additional 10 minutes (600 seconds) after the command is sent. Already logged in clients will not be disconnected.






[[Category: HOWTO]]
[[Category: HOWTO]]

Latest revision as of 09:19, 28 October 2021

Standard Console Access

By default, PVE provides access to VMs via noVNC and/or SPICE. It is recommended to use these whenever possible. However, if you need to have browser independent access, it is possible to use an external VNC client such as RealVNC, TightVNC, and Remmina as well.

Configure VNC Access in the Configuration File

Add a line to the VM's configuration file /etc/pve/local/qemu-server/<VMID>.conf which specifies the VNC display number as follows ("77" in the example below):

args: -vnc 0.0.0.0:77

If you want to use password protection, add:

args: -vnc 0.0.0.0:77,password=on

See below on how to set the password.

The display number can be freely chosen, but each number must occur only once. The VNC service then listens at port 5900+display_number. Note that connections via noVNC use display number 0 and following, therefore it is recommended to use higher numbers in order to avoid conflicts.

You can now connect the VNC client to the host IP address and port as chosen ("5977" in the example above).

Set a Password for VNC Access

NOTE: This requires at least QEMU 6.1, as there was a bug in the preceding versions which prevented the setting of a password.

If you have enabled the password=on option above, you will not be able to connect until you set a password. This must be done after the VM has started.

Go to the VM's 'Monitor' panel in the web interface, or otherwise open an HMP connection. Then, use the following command:

 set_password vnc foobar1 -d vnc2

When connecting via an external VNC client, it will now ask for the password "foobar1". The maximum length for VNC passwords is 8 characters.

The password is not persistent, meaning that after the VM has been restarted, the above command must be repeated in order to set the password again.

Optionally, you may also choose to expire the password. Use the following command:

 expire_password vnc +600 -d vnc2

In this case, the password would be valid for an additional 10 minutes (600 seconds) after the command is sent. Already logged in clients will not be disconnected.