Difference between revisions of "VNC Client Access"
| Line 1: | Line 1: | ||
= Standard Console Access = | = Standard Console Access = | ||
| − | By default, PVE provides access to VMs via [https://novnc.com/info.html noVNC] and/or [https://www.spice-space.org SPICE]. It is recommended to use these whenever possible. However, if you need to have browser independent access, it is possible to use an external VNC client such as RealVNC, TightVNC, Remmina | + | By default, PVE provides access to VMs via [https://novnc.com/info.html noVNC] and/or [https://www.spice-space.org SPICE]. It is recommended to use these whenever possible. However, if you need to have browser independent access, it is possible to use an external VNC client such as RealVNC, TightVNC, and Remmina as well. |
== Configure VNC Access in the Configuration File == | == Configure VNC Access in the Configuration File == | ||
| Line 13: | Line 13: | ||
args: -vnc 0.0.0.0:77,password=on | args: -vnc 0.0.0.0:77,password=on | ||
| − | + | See below on how to set the password. | |
The display number can be freely chosen, but each number must occur only once. The VNC service then listens at port 5900+display_number. Note that connections via noVNC use display number 0 and following, therefore it is recommended to use higher numbers in order to avoid conflicts. | The display number can be freely chosen, but each number must occur only once. The VNC service then listens at port 5900+display_number. Note that connections via noVNC use display number 0 and following, therefore it is recommended to use higher numbers in order to avoid conflicts. | ||
| Line 21: | Line 21: | ||
== Set a Password for VNC Access == | == Set a Password for VNC Access == | ||
| − | '''NOTE:''' This requires at least QEMU 6.1, as there was a bug in the preceding versions | + | '''NOTE:''' This requires at least QEMU 6.1, as there was a bug in the preceding versions which prevented the setting of a password. |
| − | If you have enabled the ''password=on'' option above, you will not be able to connect until you set a password. This | + | If you have enabled the ''password=on'' option above, you will not be able to connect until you set a password. This must be done after the VM has started. |
Go to the VM's 'Monitor' panel in the web interface, or otherwise open an HMP connection. Then, use the following command: | Go to the VM's 'Monitor' panel in the web interface, or otherwise open an HMP connection. Then, use the following command: | ||
| Line 31: | Line 31: | ||
When connecting via an external VNC client, it will now ask for the password "foobar1". The maximum length for VNC passwords is 8 characters. | When connecting via an external VNC client, it will now ask for the password "foobar1". The maximum length for VNC passwords is 8 characters. | ||
| − | The password is not persistent, | + | The password is not persistent, meaning that after the VM has been restarted, the above command must be repeated in order to set the password again. |
Optionally, you may also choose to expire the password. Use the following command: | Optionally, you may also choose to expire the password. Use the following command: | ||
| Line 37: | Line 37: | ||
expire_password vnc +600 -d vnc2 | expire_password vnc +600 -d vnc2 | ||
| − | In this case, the password would be valid for | + | In this case, the password would be valid for an additional 10 minutes (600 seconds) after the command is sent. Already logged in clients will not be disconnected. |
[[Category: HOWTO]] | [[Category: HOWTO]] | ||
Latest revision as of 09:19, 28 October 2021
Standard Console Access
By default, PVE provides access to VMs via noVNC and/or SPICE. It is recommended to use these whenever possible. However, if you need to have browser independent access, it is possible to use an external VNC client such as RealVNC, TightVNC, and Remmina as well.
Configure VNC Access in the Configuration File
Add a line to the VM's configuration file /etc/pve/local/qemu-server/<VMID>.conf which specifies the VNC display number as follows ("77" in the example below):
args: -vnc 0.0.0.0:77
If you want to use password protection, add:
args: -vnc 0.0.0.0:77,password=on
See below on how to set the password.
The display number can be freely chosen, but each number must occur only once. The VNC service then listens at port 5900+display_number. Note that connections via noVNC use display number 0 and following, therefore it is recommended to use higher numbers in order to avoid conflicts.
You can now connect the VNC client to the host IP address and port as chosen ("5977" in the example above).
Set a Password for VNC Access
NOTE: This requires at least QEMU 6.1, as there was a bug in the preceding versions which prevented the setting of a password.
If you have enabled the password=on option above, you will not be able to connect until you set a password. This must be done after the VM has started.
Go to the VM's 'Monitor' panel in the web interface, or otherwise open an HMP connection. Then, use the following command:
set_password vnc foobar1 -d vnc2
When connecting via an external VNC client, it will now ask for the password "foobar1". The maximum length for VNC passwords is 8 characters.
The password is not persistent, meaning that after the VM has been restarted, the above command must be repeated in order to set the password again.
Optionally, you may also choose to expire the password. Use the following command:
expire_password vnc +600 -d vnc2
In this case, the password would be valid for an additional 10 minutes (600 seconds) after the command is sent. Already logged in clients will not be disconnected.