[K12OSN] VNC (Virtual Network Computing) question

Christopher K. Johnson ckjohnson at gwi.net
Fri May 14 12:49:41 UTC 2004

daniel.hunt at iibbank.ie wrote:

>Sorry, I forgot to add that Once the port is open .... ANYONE can connect to
>that ip address on that port.
>So if they happen to guess your password (or know it) then it's bye bye
>server :)
My recommended best practice would be to either:
1) Tunnel your vnc connection(s) over ssh.  The ssh can be configured 
easily to allow only users in a specific group, and also easily 
configured to permit only public/private key based authentication so you 
can reliably control who can use the connection by deploying your own 
public key there.

2) Configure network-to-network or host-to-host ipsec VPN to protect the 
vnc and other communication in transit.  This can be done very easily if 
you have systems running a 2.6 kernel.

   "Spend less!  Do more!  Go Open Source..." -- Dirigo.net
   Chris Johnson, RHCE #807000448202021

More information about the K12OSN mailing list