Skip to content

cnelson711/vncauthproxy

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

133 Commits
twisted/plugins
twisted/plugins
 
 
vncap
vncap
 
 
.gitignore
.gitignore
 
 
COPYING
COPYING
 
 
LICENSE
LICENSE
 
 
MANIFEST.in
MANIFEST.in
 
 
README.mkd
README.mkd
 
 
setup.py
setup.py
 
 

Repository files navigation

Twisted VNC Proxy

To install on a system

$ python setup.py build
$ python setup.py install

To start the proxy server, try:

$ twistd -n vncap

By default, the daemon accepts runs on TCP port 5500.

Requirements:

  • Twisted 10.2 or newer
  • txWS 0.6 or newer
  • A VNC server that allows reverse connections (x11vnc 0.9.13)
  • A VNC viewer that allows passwords with length > 8 (noVNC)

If your distribution insists on splitting Twisted into multiple packages, you will also need the Twisted Web package, usually called python-twisted-web.

Control Interface

The interface (default port 5500), allows a program create a new channel and to query the proxy for a list of active channels.

To create a new channel, send a JSON object in the following format:

  • admin_passphrase : The passphrase to access the control interface. The default passphrase is 'vnc'.
  • operation : The string "create"
  • connection_timeout : The integer number of seconds before the channel closes if a client or server disconnects.

The proxy will respond with the following JSON object:

  • channel_id : A unique int for the channel
  • viewer_passphrase : The passphrase the viewer should use.
  • server_passphrase : The passphrase the VNC server should use when making a reverse connection.

The passphrases will be strings of 32 random hexadecimal digits.

To receive a listing of all active channels (channels that have not been closed due to timeouts), send a JSON object in the following format:

  • admin_passphrase : The passphrase to access the control interface. The default passphrase is 'vnc'.
  • operation : The string "listing"

The proxy will respond with a JSON array of objects, each object representing information about an active channel:

  • channel_id : A unique int for the channel
  • connection_timeout : The integer number of seconds before the channel closes if a client or server disconnects.

Connecting to the Proxy

If using x11vnc as the VNC server, simply pass in the host:port of the proxy and the server_passphrase of the channel to which you want to connect.

$ ./x11vnc -connect pre={"channel_id":3, "passphrase", "AF55ADDC0D696DE30D074210B1307041"}+192.168.10.165:5500

If using noVNC as the VNC viewer, enter the 20 digit viewer_passphrase as the passphrase to connect to the channel on the proxy.

TLS

If TLS is requested, the proxy will look for SSL key and certificate information from hardcoded locations. The locations for the SSL files are:

  • keys/vncap.key: SSL key
  • keys/vncap.crt: SSL certificate

To generate simple keys, an example series of OpenSSL invocations might be:

$ openssl genrsa -out keys/vncap.key 1024
$ openssl req -new -key keys/vncap.key -out keys/vncap.csr
$ openssl x509 -req -in keys/vncap.csr -signkey keys/vncap.key -out
keys/vncap.crt

Backwards Compatibility

If you are using Firefox 4 or earlier, you also need to to serve a Flash policy. A simple policy server is shipped in this package, try:

$ sudo twistd -n flashpolicy

About

No description, website, or topics provided.

Resources

Readme

License

GPL-2.0, Unknown licenses found

Licenses found

GPL-2.0
LICENSE
Unknown
COPYING
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Python 100.0%