diff options
author | runge <runge@karlrunge.com> | 2009-06-18 22:32:16 -0400 |
---|---|---|
committer | runge <runge@karlrunge.com> | 2009-06-18 22:32:16 -0400 |
commit | 61383c508e9a12c879bd94c77885e0ec0d7c47f8 (patch) | |
tree | b4bf1b16037eca9110aaec6d5f92a57a2c00a80f /x11vnc/README | |
parent | d11b2abd8cf4d9afb1257695f8be1125d5625a65 (diff) | |
download | libtdevnc-61383c508e9a12c879bd94c77885e0ec0d7c47f8.tar.gz libtdevnc-61383c508e9a12c879bd94c77885e0ec0d7c47f8.zip |
classes/ssl: java viewer now handles auth-basic proxy logins.
misc/enhanced_tightvnc_viewer: update ssvnc.
Diffstat (limited to 'x11vnc/README')
-rw-r--r-- | x11vnc/README | 2847 |
1 files changed, 1433 insertions, 1414 deletions
diff --git a/x11vnc/README b/x11vnc/README index 5426bf6..2c9af6b 100644 --- a/x11vnc/README +++ b/x11vnc/README @@ -2,7 +2,7 @@ Copyright (C) 2002-2009 Karl J. Runge <runge@karlrunge.com> All rights reserved. -x11vnc README file Date: Sun Jun 14 13:03:59 EDT 2009 +x11vnc README file Date: Thu Jun 18 21:59:34 EDT 2009 The following information is taken from these URLs: @@ -55,7 +55,7 @@ x11vnc: a VNC server for real X displays solutions to many problems; and interesting applications, but nevertheless please feel free to [24]contact me if you have problems or questions (and if I save you time by giving you some of my time, - please consider a [25]paypal donation). Please check the [26]FAQ + please consider a [25]paypal donation.) Please check the [26]FAQ first; I realize this page is massive, but you can often use your browser's find-in-page action using a keyword to find the answer to your problem or question. @@ -127,13 +127,13 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick The VNC protocol is in most cases better suited for remote connections with low bandwidth and high latency than is the X11 protocol because it involves far fewer "roundtrips" (an exception is the [38]cached - pixmap data on the viewing-end provided by X). Also, with no state + pixmap data on the viewing-end provided by X.) Also, with no state maintained the viewing-end can crash, be rebooted, or relocated and the applications and desktop continue running. Not so with X11. So the standard Xvnc/vncserver program is very useful, I use it for things like: - * Desktop conferencing with other users (e.g. codereviews). + * Desktop conferencing with other users (e.g. codereviews.) * Long running apps/tasks I want to be able to view from many places. * Motif, GNOME, and similar applications that would yield very poor @@ -164,7 +164,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick running there. You can use ssh, or even rlogin, telnet, or any other method to do this. We do this because the x11vnc process needs to be run on the same machine the X server process is running on (otherwise - things would be extremely slow). + things would be extremely slow.) Step 2. In that far-away.east shell (with command prompt "far-away>" in this example) run x11vnc directed at the far-away.east X session @@ -174,18 +174,18 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick You could have also set the environment variable DISPLAY=:0 instead of using "-display :0". This step attaches x11vnc to the far-away.east:0 - X display (i.e. no viewer clients yet). + X display (i.e. no viewer clients yet.) Common Gotcha: To get X11 permissions right, you may also need to set the XAUTHORITY environment variable (or use the [42]-auth option) to point to the correct MIT-MAGIC-COOKIE file (e.g. - /home/joe/.Xauthority). If x11vnc does not have the authority to + /home/joe/.Xauthority.) If x11vnc does not have the authority to connect to the display it exits immediately. More on how to fix this [43]below. If you suspect an X11 permissions problem do this simple test: while sitting at the physical X display open a terminal window - (gnome-terminal, xterm, etc). You should be able to run x11vnc + (gnome-terminal, xterm, etc.) You should be able to run x11vnc successfully in that terminal without any need for command line options. If that works OK then you know X11 permissions are the only thing preventing it from working when you try to start x11vnc via a @@ -213,7 +213,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick for PDA's like the Palm Pilot! You can use any of them to connect to x11vnc (see the above VNC links under "Background:" on how to obtain a viewer for your platform or see [46]this FAQ. For Solaris, vncviewer - is available in the [47]Companion CD package SFWvnc). + is available in the [47]Companion CD package SFWvnc.) In this example we'll use the Unix vncviewer program on sitting-here by typing the following command in a second terminal window: @@ -224,14 +224,14 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick allowing interaction with the far-away.east:0 X11 desktop. Pretty nifty! When finished, exit the viewer: the remote x11vnc process will shutdown automatically (or you can use the [48]-forever option to have - it wait for additional viewer connections). + it wait for additional viewer connections.) Common Gotcha: Nowadays there will likely be a host-level [49]firewall on the x11vnc side that is blocking remote access to the VNC port - (e.g. 5900). You will either have to open up that port (or a range of + (e.g. 5900.) You will either have to open up that port (or a range of ports) in your firewall administration tool, or try the [50]SSH tunnelling method below (even still the firewall must allow in the SSH - port, 22). + port, 22.) Shortcut: Of course if you left x11vnc running on far-away.east:0 in a @@ -243,7 +243,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick Super Shortcut: Here is a potentially very easy way to get all of it working. * Have x11vnc (0.9.3 or later) available to run on the remote host - (i.e. in $PATH). + (i.e. in $PATH.) * Download and unpack a [55]SSVNC bundle (1.0.19 or later, e.g. [56]ssvnc_no_windows-1.0.19.tar.gz) on the Viewer-side machine. * Start the SSVNC Terminal Services mode GUI: ./ssvnc/bin/tsvnc @@ -258,10 +258,10 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick SSH into the remote host; i.e. that you have a Unix account there and the SSH server is running. On Unix and MacOS X it is assumed that the ssh client command is available on the local machine (on Windows a - plink binary is included in the SSVNC bundle). Finally, it is assumed + plink binary is included in the SSVNC bundle.) Finally, it is assumed that you are already logged into an X session on the remote machine, e.g. your workstation (otherwise, a virtual X server, e.g. Xvfb, will - be [58]started for you). + be [58]started for you.) In some cases the remote SSH server will not run commands with the same $PATH that you normally have in your shell there. In this case @@ -276,7 +276,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick has the user sitting at "far-away.east:0" and invites one or more other people to view and interact with his desktop. Perhaps the user gives a demo or presentation this way (using the telephone for vocal - communication). A "Remote Help Desk" mode would be similar: a + communication.) A "Remote Help Desk" mode would be similar: a technician connects remotely to the user's desktop to interactively solve a problem the user is having. @@ -293,7 +293,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick The above example had no security or privacy at all. When logging into remote machines (certainly when going over the internet) it is best to use ssh, or use a VPN (for a VPN, Virtual Private Network, the above - example should be pretty safe). + example should be pretty safe.) For x11vnc one can tunnel the VNC protocol through an encrypted ssh channel. It would look something like running the following commands: @@ -314,12 +314,12 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick link, so you need to force the issue with -encodings "copyrect tight ...". Nowadays, not all viewers use the -encodings option, try "-PreferredEncoding=ZRLE" (although the newer viewers seem to - autodetect well when to use raw or not). + autodetect well when to use raw or not.) Note that "x11vnc -localhost ..." limits incoming vncviewer connections to only those from the same machine. This is very natural for ssh tunnelling (the redirection appears to come from the same - machine). Use of a [60]VNC password is also strongly recommended. + machine.) Use of a [60]VNC password is also strongly recommended. Note also the -t we used above (force allocate pseudoterminal), it actually seems to improve interactive typing response via VNC! @@ -335,7 +335,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick Some VNC viewers will do the ssh tunnelling for you automatically, the TightVNC Unix vncviewer does this when the "-via far-away.east" option is supplied to it (this requires x11vnc to be already running on - far-away.east or having it started by [61]inetd(8)). See the 3rd + far-away.east or having it started by [61]inetd(8).) See the 3rd script example [62]below for more info. SSVNC: You may also want to look at the [63]Enhanced TightVNC Viewer @@ -362,20 +362,20 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick sitting-here> ssh -t -L 5900:OtherHost:5900 gateway.east Where gateway.east is the internet hostname (or IP) of the gateway - machine (SSH server). 'OtherHost' might be, e.g., freds-pc or + machine (SSH server.) 'OtherHost' might be, e.g., freds-pc or 192.168.2.33 (it is OK for these to be private hostnames or private IP - addresses, the host in -L is relative to the remote server side). + addresses, the host in -L is relative to the remote server side.) Once logged in, you'll need to do a second login (ssh, rsh, etc.) to the workstation machine 'OtherHost' and then start up x11vnc on it (if - it isn't already running). (The "[65]-connect gateway:59xx" option may - be another alternative here with the viewer already in -listen mode). + it isn't already running.) (The "[65]-connect gateway:59xx" option may + be another alternative here with the viewer already in -listen mode.) For an automatic way to use a gateway and have all the network traffic encrypted (including inside the firewall) see [66]Chaining SSH's. These gateway access modes also can be done automatically for you via the "Proxy/Gateway" setting in [67]SSVNC (including the Chaining SSH's - case, "Double Proxy"). + case, "Double Proxy".) Firewalls/Routers: @@ -391,7 +391,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick Firewall/Router to, say, the SSH port (22) on an inside machine (how to do this depends on your particular Firewall/Router, often the router config URL is http://192.168.100.1 See [68]www.portforward.com - for more info). This way you reach these computers from anywhere on + for more info.) This way you reach these computers from anywhere on the Internet and use x11vnc to view X sessions running on them. Suppose you configured the Firewall/Router to redirect these ports to @@ -409,10 +409,10 @@ nc -localhost -display :0' Where far-away.east means the hostname (or IP) that the Router/Firewall is using (for home setups this is usually the IP gotten from your ISP via DHCP, the site [69]http://www.whatismyip.com/ - is a convenient way to determine what it is). + is a convenient way to determine what it is.) It is a good idea to add some obscurity to accessing your system via - SSH by using some high random port (e.g. 12300 in the above example). + SSH by using some high random port (e.g. 12300 in the above example.) If you can't remember it, or are otherwise not worried about port scanners detecting the presence of your SSH server and there is just one internal PC involved you could map 22: @@ -443,7 +443,7 @@ nc -localhost -display :0' "far-away.east:0" to reach jills-pc and "far-away.east:1" to reach freds-pc. We assume above that x11vnc is using port 5900 (and any Host-Level-firewalls on jills-pc has been configured to let that port - in). + in.) For a home system one likely does not have a hostname and would have to use the IP address, say, "24.56.78.93:0". E.g.: @@ -553,10 +553,10 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. Very Important: It is up to YOU to tell x11vnc to use password protection (-rfbauth or -passwdfile), it will NOT do it for you automatically or force you to (use [80]-usepw if you want to be forced - to). The same goes for encrypting the channel between the viewer and + to.) The same goes for encrypting the channel between the viewer and x11vnc: it is up to you to use ssh, stunnel, [81]-ssl mode, a VPN, etc. (use the [82]Enhanced TightVNC Viewer (SSVNC) GUI if you want to - be forced to use SSL or SSH). For additional safety, also look into + be forced to use SSL or SSH.) For additional safety, also look into the -allow and -localhost [83]options and building x11vnc with [84]tcp_wrappers support to limit host access. @@ -568,7 +568,7 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. [85]stunnel (also [86]stunnel.mirt.net) or using the built-in (Mar/2006) [87]-ssl openssl mode. A SSL-enabled Java applet VNC Viewer is also provided in the x11vnc package (and https can be used to - download it). + download it.) Although not as ubiquitous as ssh, SSL tunnelling still provides a useful alternative. See [88]this FAQ on -ssl and -stunnel modes for @@ -576,7 +576,7 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. The [89]Enhanced TightVNC Viewer (SSVNC) bundles contain some convenient utilities to automatically set up an SSL tunnel from the - viewer-side (i.e. to connect to "x11vnc -ssl ..."). And many other + viewer-side (i.e. to connect to "x11vnc -ssl ...".) And many other enhancements too. _________________________________________________________________ @@ -611,11 +611,11 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. More tools: Here is a ssh/rsh wrapper script rx11vnc that attempts to automatically do the above Steps 1-3 for you (provided you have - ssh/rsh login permission on the machine x11vnc is to be run on). The + ssh/rsh login permission on the machine x11vnc is to be run on.) The above example would be: "rx11vnc far-away.east:0" typed into a shell on sitting-here.west. Also included is an experimental script rx11vnc.pl that attempts to tunnel the vnc traffic through an ssh port - redirection (and does not assume port 5900 is free). Have a look at + redirection (and does not assume port 5900 is free.) Have a look at them to see what they do and customize as needed: * [100]rx11vnc wrapper script * [101]rx11vnc.pl wrapper script to tunnel traffic thru ssh @@ -646,7 +646,7 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. Or do make install, it will probably install to /usr/local/bin (run ./configure --help for information on customizing your configuration, - e.g. --prefix=/my/place). You can now run it via typing "x11vnc", + e.g. --prefix=/my/place.) You can now run it via typing "x11vnc", "x11vnc -help | more", "x11vnc -forever -shared -display :0", etc. @@ -677,7 +677,7 @@ $MAKE libvncserver's choice of AM_CFLAGS. See the [105]build scripts below for more ideas. Scripts similar to the above have been shown to work with vendor C compilers on HP-UX (ccom: HP92453-01) and Tru64 (Compaq - C V6.5-011). + C V6.5-011.) You can find information on [106]Misc. Build problems here. @@ -685,7 +685,7 @@ $MAKE Building on Solaris, FreeBSD, etc: Depending on your version of Solaris or other Unix OS the jpeg and/or zlib libraries may be in - non-standard places (e.g. /usr/local, /usr/sfw, /opt/sfw, etc). + non-standard places (e.g. /usr/local, /usr/sfw, /opt/sfw, etc.) Note: If configure cannot find these two libraries then TightVNC and ZRLE encoding support will be disabled, and you don't want that!!! The @@ -700,12 +700,12 @@ $MAKE (The only thing this misses is /usr/X11/lib/libXrandr.so.2, which is for the little used -xrandr option, see the script below to pick it up - as well). + as well.) libjpeg is included in Solaris 9 and later (/usr/sfw/include and /usr/sfw/lib), and zlib in Solaris 8 and later (/usr/include and - /usr/lib). So on Solaris 9 you can pick up everything with something + /usr/lib.) So on Solaris 9 you can pick up everything with something like this: env PATH=/usr/local/bin:/usr/ccs/bin:$PATH sh -c './configure --with-jpeg=/us r/sfw; make' @@ -797,7 +797,7 @@ ls -l ./x11vnc/x11vnc Building on FreeBSD, OpenBSD, ...: The jpeg libraries seem to be in /usr/local or /usr/pkg on these OS's. You won't need the openwin stuff - in the above script (but you may need /usr/X11R6/...). Also starting + in the above script (but you may need /usr/X11R6/....) Also starting with the 0.7.1 x11vnc release, this usually works: ./configure --with-jpeg=/usr/local make @@ -805,14 +805,14 @@ ls -l ./x11vnc/x11vnc Building on HP-UX: For jpeg and zlib you will need to do the same sort of thing as described above for Solaris. You set CPPFLAGS and - LDFLAGS to find them (see below for an example). You do not need to do + LDFLAGS to find them (see below for an example.) You do not need to do any of the above /usr/openwin stuff. Also, HP-UX does not seem to support -R, so get rid of the -R items in LDFLAGS. Because of this, at runtime you may need to set LD_LIBRARY_PATH or SHLIB_PATH to indicate the directory paths so the libraries can be found. It is a good idea to have static archives, e.g. libz.a and libjpeg.a for the nonstandard libraries so that they get bolted into the x11vnc binary (and so won't - get "lost"). + get "lost".) Here is what we recently did to build x11vnc 0.7.2 on HP-UX 11.11 ./configure --with-jpeg=$HOME/hpux/jpeg --with-zlib=$HOME/hpux/zlib @@ -852,7 +852,7 @@ make However, if your system has the Mac OS X build package for X11 apps you will not need to supply the "--without-x" option (in this case the resulting x11vnc would be able to export both the native Mac OS X - display and windows displayed in the XDarwin X server). Be sure to + display and windows displayed in the XDarwin X server.) Be sure to include the ./configure option to find libjpeg on your system. @@ -892,7 +892,7 @@ make To aid testing of the [117]built-in SSL/TLS support for x11vnc, a number of VNC Viewer packages for Unix, Mac OS X, and Windows have been created that provide SSL Support for the TightVNC Viewer (this is - done by [118]wrapper scripts and a GUI that starts [119]STUNNEL). It + done by [118]wrapper scripts and a GUI that starts [119]STUNNEL.) It should be pretty convenient for automatic SSL and SSH connections. It is described in detail at and can be downloaded from the [120]Enhanced TightVNC Viewer (SSVNC) page. The SSVNC Unix viewer also supports @@ -917,6 +917,12 @@ make connected client, all encodings are safe on all platforms. Note that some features (e.g. scroll detection and -ncache) may be disabled or run with reduced functionality in -threads mode. + * Automatically tries to work around an [124]Xorg server bug + involving infinitely repeating keys when turning off key + repeating. Use [125]-repeat if the automatic workaround fails. + * Improved reliability of the Single Port SSL VNC and HTTPS java + viewer applet delivery mechanism. + * The [126]-clip mode works under [127]-rawfb. Here are some features that appeared in the 0.9.7 release: @@ -926,38 +932,38 @@ make case the special file /dev/vcsa2 is used to retrieve vt2's current text. Text and colors are shown, but no graphics. * Support for less than 8 bits per pixel framebuffers (e.g. 4 or 1 - bpp) in the [124]-rawfb mode. + bpp) in the [128]-rawfb mode. * The SSL enabled UltraVNC Java viewer applet now has a [Home] entry in the "drives" drop down menu. This menu can be configured with the ftpDropDown applet parameter. All of the applet parameters are documented in classes/ssl/README. - * Experimental support for [125]VirtualGL's [126]TurboVNC (an + * Experimental support for [129]VirtualGL's [130]TurboVNC (an enhanced TightVNC for fast LAN high framerate usage.) * The CUPS Terminal Services helper mode has been improved. - * Improvements to the [127]-ncache_cr that allows smooth opaque + * Improvements to the [131]-ncache_cr that allows smooth opaque window motions using the 'copyrect' encoding when using - [128]-ncache mode. - * The [129]-rmflag option enables a way to indicate to other + [132]-ncache mode. + * The [133]-rmflag option enables a way to indicate to other processes x11vnc has exited. * Reverse connections using anonymous Diffie Hellman SSL encryption now work. Here are some features that appeared in the 0.9.6 release: - * Support for [130]VeNCrypt SSL/TLS encrypted connections. It is - enabled by default in the [131]-ssl mode. VNC Viewers like + * Support for [134]VeNCrypt SSL/TLS encrypted connections. It is + enabled by default in the [135]-ssl mode. VNC Viewers like vinagre, gvncviewer/gtk-vnc, the vencrypt package, and others support this encryption mode. It can also be used with the - [132]-unixpw option to enable Unix username and password + [136]-unixpw option to enable Unix username and password authentication (VeNCrypt's "*Plain" modes.) A similar but older VNC security type "ANONTLS" (used by vino) is supported as well. - See the [133]-vencrypt and [134]-anontls options for additional + See the [137]-vencrypt and [138]-anontls options for additional control. The difference between x11vnc's normal -ssl mode and VeNCrypt is that the former wraps the entire VNC connection in SSL (like HTTPS does for HTTP, i.e. "vncs://") while VeNCrypt switches on the SSL/TLS at a certain point during the VNC handshake. Use - [135]-sslonly to disable both VeNCrypt and ANONTLS (vino). - * The "[136]-ssl ANON" option enables Anonymous Diffie-Hellman (ADH) + [139]-sslonly to disable both VeNCrypt and ANONTLS (vino.) + * The "[140]-ssl ANON" option enables Anonymous Diffie-Hellman (ADH) key exchange for x11vnc's normal SSL/TLS operation. Note that Anonymous Diffie-Hellman uses encryption for privacy, but provides no authentication and so is susceptible to Man-In-The-Middle @@ -965,17 +971,17 @@ make SAVE", etc. and have the VNC viewer verify the cert.) The ANONTLS mode (vino) only supports ADH. VeNCrypt mode supports both ADH and regular X509 SSL certificates modes. For these ADH is enabled by - default. See [137]-vencrypt and [138]-anontls for how to disable + default. See [141]-vencrypt and [142]-anontls for how to disable ADH. * For x11vnc's SSL/TLS modes, one can now specify a Certificate - Revocation List (CRL) with the [139]-sslCRL option. This will only + Revocation List (CRL) with the [143]-sslCRL option. This will only be useful for wide deployments: say a company-wide x11vnc SSL access deployment using a central Certificate Authority (CA) via - [140]-sslGenCA and [141]-sslGenCert. This way if a user has his + [144]-sslGenCA and [145]-sslGenCert. This way if a user has his laptop lost or stolen, you only have to revoke his key instead of creating a new Certificate Authority and redeploying new keys to all users. - * The default SSL/TLS mode, "[142]-ssl" (no pem file parameter + * The default SSL/TLS mode, "[146]-ssl" (no pem file parameter supplied), is now the same as "-ssl SAVE" and will save the generated self-signed cert in "~/.vnc/certs/server.pem". Previously "-ssl" would create a temporary self-signed cert that @@ -985,48 +991,48 @@ make same x11vnc server. Use "-ssl TMP" to regain the previous behavior. Use "-ssl SAVE_NOPROMPT" to avoid being prompted about using passphrase when the certificate is created. - * The option [143]-http_oneport enables single-port HTTP connections + * The option [147]-http_oneport enables single-port HTTP connections via the Java VNC Viewer. So, for example, the web browser URL "http://myhost.org:5900" works the same as "http://myhost.org:5800", but with the convenience of only involving one port instead of two. This works for both unencrypted - connections and for SSH tunnels (see [144]-httpsredir if the - tunnel port differs). Note that HTTPS single-port operation in - [145]-ssl SSL encrypted mode has been available since x11vnc + connections and for SSH tunnels (see [148]-httpsredir if the + tunnel port differs.) Note that HTTPS single-port operation in + [149]-ssl SSL encrypted mode has been available since x11vnc version 0.8.3. - * For the [146]-avahi/[147]-zeroconf Service Advertizing mode, if + * For the [150]-avahi/[151]-zeroconf Service Advertizing mode, if x11vnc was not compiled with the avahi-client library, then an external helper program, either avahi-publish(1) (on Unix) or dns-sd(1) (on Mac OS X), is used instead. - * The "[148]-rfbport PROMPT" option will prompt the user via the GUI + * The "[152]-rfbport PROMPT" option will prompt the user via the GUI to select the VNC port (e.g. 5901) to listen on, and a few other basic settings. This enables a handy GUI mode for naive users: x11vnc -gui tray=setpass -rfbport PROMPT -logfile $HOME/.x11vnc.log.%VNCDISP LAY suitable for putting in a launcher or menu, e.g. - [149]x11vnc.desktop. The [150]-logfile expansion is new too. In + [153]x11vnc.desktop. The [154]-logfile expansion is new too. In the GUI, the tray=setpass Properties panel has been improved. - * The [151]-solid solid background color option now works for the + * The [155]-solid solid background color option now works for the Mac OS X console. - * The [152]-reopen option instructs x11vnc to try to reopen the X + * The [156]-reopen option instructs x11vnc to try to reopen the X display if it is prematurely closed by, say, the display manager - (e.g. [153]GDM). + (e.g. [157]GDM.) Here are some features that appeared in the 0.9.5 release: - * Symmetric key [154]encryption ciphers. ARC4, AES-128, AES-256, + * Symmetric key [158]encryption ciphers. ARC4, AES-128, AES-256, blowfish, and 3des are supported. Salt and initialization vector seeding is provided. These compliment the more widely used SSL and - SSH encryption access methods. [155]SSVNC also supports these + SSH encryption access methods. [159]SSVNC also supports these encryption modes. * Scaling differently along the X- and Y-directions. E.g. - "[156]-scale 1280x1024" or "-scale 0.8x0.75" Also, - "[157]-geometry WxH" is an alias for "-scale WxH" + "[160]-scale 1280x1024" or "-scale 0.8x0.75" Also, + "[161]-geometry WxH" is an alias for "-scale WxH" * By having SSVNC version 1.0.21 or later available in your $PATH, - the [158]-chatwindow option allows a UltraVNC Text Chat window to + the [162]-chatwindow option allows a UltraVNC Text Chat window to appear on the local X11 console/display (this way the remote viewer can chat with the person at the physical display; e.g. - helpdesk mode). This also works on the Mac OS X console if the + helpdesk mode.) This also works on the Mac OS X console if the Xquartz X11 server (enabled by default on leopard) is running for the chatwindow. * The HTTP Java viewer applet jar, classes/VncViewer.jar, has been @@ -1035,46 +1041,46 @@ LAY Here are some features that appeared in the 0.9.4 release: - * Improvements to the [159]-find and [160]-create X session finding + * Improvements to the [163]-find and [164]-create X session finding or creating modes: new desktop types and service redirection options. Personal cupsd daemon and SSH port redirection helper for - use with [161]SSVNC's Terminal Services feature. - * Reverse VNC connections via [162]-connect work in the [163]-find, - [164]-create and related [165]-display WAIT:... modes. + use with [165]SSVNC's Terminal Services feature. + * Reverse VNC connections via [166]-connect work in the [167]-find, + [168]-create and related [169]-display WAIT:... modes. * Reverse VNC connections (either normal or SSL) can use a Web Proxy or a SOCKS proxy, or a SSH connection, or even a CGI URL to make - the outgoing connection. See: [166]-proxy. Forward connections can - also use: [167]-ssh. - * Reverse VNC connections via the [168]UltraVNC repeater proxy + the outgoing connection. See: [170]-proxy. Forward connections can + also use: [171]-ssh. + * Reverse VNC connections via the [172]UltraVNC repeater proxy (either normal or SSL) are supported. Use either the - "[169]-connect repeater=ID:NNNN+host:port" or "[170]-connect - repeater://host:port+ID:NNNN" notation. The [171]SSVNC VNC viewer + "[173]-connect repeater=ID:NNNN+host:port" or "[174]-connect + repeater://host:port+ID:NNNN" notation. The [175]SSVNC VNC viewer also supports the UltraVNC repeater. * Support for indexed colormaps (PseudoColor) with depths other than 8 (from 1 to 16 now work) for non-standard hardware. Option - "[172]-advertise_truecolor" to handle some workaround in this + "[176]-advertise_truecolor" to handle some workaround in this mode. * Support for the ZYWRLE encoding, this is the RealVNC ZRLE encoding extended to do motion video and photo regions more efficiently by way of a Wavelet based transformation. - * The [173]-finddpy and [174]-listdpy utilities help to debug and - configure the [175]-find, [176]-create, and [177]-display WAIT:... + * The [177]-finddpy and [178]-listdpy utilities help to debug and + configure the [179]-find, [180]-create, and [181]-display WAIT:... modes. * Some automatic detection of screen resizes are handled even if the - [178]-xrandr option is not supplied. - * The [179]-autoport options gives more control over the VNC port + [182]-xrandr option is not supplied. + * The [183]-autoport options gives more control over the VNC port x11vnc chooses. - * The [180]-ping secs can be used to help keep idle connections + * The [184]-ping secs can be used to help keep idle connections alive. * Pasting of the selection/clipboard into remote applications (e.g. Java) has been improved. * Fixed a bug if a client disconnects during the 'speed-estimation' phase. * To unset Caps_Lock, Num_Lock and raise all keys in the X server - use [181]-clear_all. + use [185]-clear_all. * Usage with dvorak keyboards has been improved. See also: - [182]-xkb. - * The [183]Java Viewer applet source code is now included in the + [186]-xkb. + * The [187]Java Viewer applet source code is now included in the x11vnc-0.9.*.tar.gz tarball. This means you can now build the Java viewer applet jar files from source. If you stopped shipping the Java viewer applet jar files due to lack of source code, you can @@ -1082,15 +1088,15 @@ LAY Here are some features that appeared in the 0.9.3 release: - * [184]Viewer-side pixmap caching. A large area of pixels (at least + * [188]Viewer-side pixmap caching. A large area of pixels (at least 2-3 times as big as the framebuffer itself; the bigger the better... default is 10X) is placed below the framebuffer to act as a buffer/cache area for pixel data. The VNC CopyRect encoding is used to move it around, so any viewer can take advantage of it. Until we start modifying viewers you will be able to see the cache - area if you scroll down (this makes it easier to debug!). For + area if you scroll down (this makes it easier to debug!) For testing the default is "-ncache 10". The unix Enhanced TightVNC - Viewer [185]ssvnc has a nice [186]-ycrop option to help hide the + Viewer [189]ssvnc has a nice [190]-ycrop option to help hide the pixel cache area from view. @@ -1103,30 +1109,30 @@ LAY * If UltraVNC file transfer or chat is detected, then VNC clients are "pinged" more often to prevent these side channels from becoming serviced too infrequently. - * In [187]-unixpw mode in the username and password dialog no text + * In [191]-unixpw mode in the username and password dialog no text will be echoed if the first character sent is "Escape". This enables a convenience feature in SSVNC to send the username and password automatically. Here are some features that appeared in the 0.9.1 release: - * The [188]UltraVNC Java viewer has been enhanced to support SSL (as - the TightVNC viewer had been previously). The UltraVNC Java + * The [192]UltraVNC Java viewer has been enhanced to support SSL (as + the TightVNC viewer had been previously.) The UltraVNC Java supports ultravnc filetransfer, and so can be used as a VNC viewer on Unix that supports ultravnc filetransfer. It is in the classes/ssl/UltraViewerSSL.jar file (that is pointed to by - ultra.vnc). The signed applet SignedUltraViewerSSL.jar version + ultra.vnc.) The signed applet SignedUltraViewerSSL.jar version (pointed to by ultrasigned.vnc) will be needed to access the local drive if you are using it for file transfer via a Web browser. Some other bugs in the UltraVNC Java viewer were fixed and a few improvements to the UI made. * A new Unix username login mode for VNC Viewers authenticated via a - Client SSL Certificate: "[189]-users sslpeer=". The emailAddress + Client SSL Certificate: "[193]-users sslpeer=". The emailAddress subject field is inspected for username@hostname and then acts as though "-users +username" has been supplied. This way the Unix username is identified by (i.e. simply extracted from) the Client - SSL Certificate. This could be useful with [190]-find, - [191]-create and [192]-svc modes if you are also have set up and + SSL Certificate. This could be useful with [194]-find, + [195]-create and [196]-svc modes if you are also have set up and use VNC Client SSL Certificate authentication. * For external display finding/creating programs (e.g. WAIT:cmd=...) if the VNC Viewer is authenticated via a Client SSL Certificate, @@ -1135,41 +1141,41 @@ LAY Here are some features that appeared in the 0.9 release: - * [193]VNC Service advertising via mDNS / ZeroConf / BonJour with - the [194]Avahi client library. Enable via "[195]-avahi" or - "[196]-zeroconf". + * [197]VNC Service advertising via mDNS / ZeroConf / BonJour with + the [198]Avahi client library. Enable via "[199]-avahi" or + "[200]-zeroconf". * Implementations of UltraVNC's TextChat, SingleWindow, and - ServerInput extensions (requires ultravnc viewer or [197]ssvnc - Unix viewer). They toggle the selection of a single window - ([198]-id), and disable (friendly) user input and viewing (monitor + ServerInput extensions (requires ultravnc viewer or [201]ssvnc + Unix viewer.) They toggle the selection of a single window + ([202]-id), and disable (friendly) user input and viewing (monitor blank) at the VNC server. - * Short aliases "[199]-find", "[200]-create", "[201]-svc", and - "[202]-xdmsvc" for commonly used FINDCREATEDISPLAY usage modes. + * Short aliases "[203]-find", "[204]-create", "[205]-svc", and + "[206]-xdmsvc" for commonly used FINDCREATEDISPLAY usage modes. * Reverse VNC connections (viewer listening) now work in SSL - ([203]-ssl) mode. + ([207]-ssl) mode. * New options to control the Monitor power state and keyboard/mouse - grabbing: [204]-forcedpms, [205]-clientdpms, [206]-noserverdpms, - and [207]-grabalways. + grabbing: [208]-forcedpms, [209]-clientdpms, [210]-noserverdpms, + and [211]-grabalways. * A simple way to emulate inetd(8) to some degree via the - "[208]-loopbg" option. - * Monitor the accuracy of XDAMAGE and apply "[209]-noxdamage" if it - is not working well. OpenGL applications like like [210]beryl and + "[212]-loopbg" option. + * Monitor the accuracy of XDAMAGE and apply "[213]-noxdamage" if it + is not working well. OpenGL applications like like [214]beryl and MythTv have been shown to make XDAMAGE not work properly. * For Java SSL connections involving a router/firewall port - redirection, an option [211]-httpsredir to spare the user from + redirection, an option [215]-httpsredir to spare the user from needing to include &PORT=NNN in the browser URL. Here are some features that appeared in the 0.8.4 release: - * Native [212]Mac OS X Aqua/Quartz support. (i.e. OSXvnc + * Native [216]Mac OS X Aqua/Quartz support. (i.e. OSXvnc alternative; some activities are faster) - * A [213]new login mode: "-display WAIT:cmd=FINDCREATEDISPLAY + * A [217]new login mode: "-display WAIT:cmd=FINDCREATEDISPLAY -unixpw ..." that will Create a new X session (either virtual or real and with or without a display manager, e.g. kdm) for the user if it cannot find the user's X session display via the FINDDISPLAY - method. See the [214]-svc and the [215]-xdmsvc aliases. - * x11vnc can act as a VNC [216]reflector/repeater using the - "[217]-reflect host:N" option. Instead of polling an X display, + method. See the [218]-svc and the [219]-xdmsvc aliases. + * x11vnc can act as a VNC [220]reflector/repeater using the + "[221]-reflect host:N" option. Instead of polling an X display, the remote VNC Server host:N is connected to and re-exported via VNC. This is intended for use in broadcasting a display to many (e.g. > 16; classroom or large demo) VNC viewers where bandwidth @@ -1177,16 +1183,16 @@ LAY number of repeaters. * Wireframe copyrect detection for local user activity (e.g. someone sitting at the physical display moving windows) Use - [218]-nowireframelocal to disable. - * The "[219]-N" option couples the VNC Display number to the X + [222]-nowireframelocal to disable. + * The "[223]-N" option couples the VNC Display number to the X Display number. E.g. if your X DISPLAY is :2 then the VNC display - will be :2 (i.e. using port 5902). If that port is taken x11vnc + will be :2 (i.e. using port 5902.) If that port is taken x11vnc will exit. - * Option [220]-nodpms to avoid problems with programs like KDE's + * Option [224]-nodpms to avoid problems with programs like KDE's kdesktop_lock that keep restarting the screen saver every few seconds. * To automatically fix the common mouse motion problem on XINERAMA - (multi-headed) displays, the [221]-xwarppointer option is enabled + (multi-headed) displays, the [225]-xwarppointer option is enabled by default when XINERAMA is active. If you have a Mac please try out the native Mac OS X support, build @@ -1196,62 +1202,62 @@ LAY Here are some features that appeared in the 0.8.3 release: - * The [222]-ssl option provides SSL encryption and authentication - natively via the [223]www.openssl.org library. One can use from a + * The [226]-ssl option provides SSL encryption and authentication + natively via the [227]www.openssl.org library. One can use from a simple self-signed certificate server certificate up to full CA and client certificate authentication schemes. - * Similar to -ssl, the [224]-stunnel option starts up a SSL tunnel + * Similar to -ssl, the [228]-stunnel option starts up a SSL tunnel server stunnel (that must be installed separately on the system: - [225]www.stunnel.org [226]stunnel.mirt.net ) to allow only + [229]www.stunnel.org [230]stunnel.mirt.net ) to allow only encrypted SSL connections from the network. - * The [227]-sslverify option allows for authenticating VNC clients + * The [231]-sslverify option allows for authenticating VNC clients via their certificates in either -ssl or -stunnel modes. * Certificate creation and management tools are provide in the - [228]-sslGenCert, [229]-sslGenCA, and [230]related options. + [232]-sslGenCert, [233]-sslGenCA, and [234]related options. * An SSL enabled Java applet VNC Viewer applet is provided by x11vnc in classes/ssl/VncViewer.jar. In addition to normal HTTP, the applet may be loaded into the web browser via HTTPS (HTTP over - SSL). (one can use the VNC port, e.g. https://host:5900/, or also - the separate [231]-https port option). A wrapper shell script - [232]ss_vncviewer is also provided that sets up a stunnel - client-side tunnel on Unix systems. See [233]Enhanced TightVNC + SSL.) (one can use the VNC port, e.g. https://host:5900/, or also + the separate [235]-https port option.) A wrapper shell script + [236]ss_vncviewer is also provided that sets up a stunnel + client-side tunnel on Unix systems. See [237]Enhanced TightVNC Viewer (SSVNC) for other SSL/SSH viewer possibilities. - * The [234]-unixpw option supports Unix username and password - authentication (a simpler variant is the [235]-unixpw_nis option + * The [238]-unixpw option supports Unix username and password + authentication (a simpler variant is the [239]-unixpw_nis option that works in environments where the encrypted passwords are - readable, e.g. NIS). The [236]-ssl or [237]-localhost + - [238]-stunnel options are enforced in this mode to prevent + readable, e.g. NIS.) The [240]-ssl or [241]-localhost + + [242]-stunnel options are enforced in this mode to prevent password sniffing. As a convenience, these requirements are lifted - if a SSH tunnel can be deduced (but -localhost still applies). - * Coupling [239]-unixpw with "[240]-display WAIT:cmd=FINDDISPLAY" or + if a SSH tunnel can be deduced (but -localhost still applies.) + * Coupling [243]-unixpw with "[244]-display WAIT:cmd=FINDDISPLAY" or "-display WAIT:cmd=FINDCREATEDISPLAY" provides a way to allow a user to login with their UNIX password and have their display - connected to [241]automatically. See the [242]-svc and the - [243]-xdmsvc aliases. - * Hooks are provided in the [244]-unixpw_cmd and "[245]-passwdfile + connected to [245]automatically. See the [246]-svc and the + [247]-xdmsvc aliases. + * Hooks are provided in the [248]-unixpw_cmd and "[249]-passwdfile cmd:,custom:..." options to allow you to supply your own authentication and password lookup programs. * x11vnc can be configured and built to not depend on X11 libraries - "./configure --without-x" for [246]-rawfb only operation (e.g. - embedded linux console devices). - * The [247]-rotate option enables you to rotate or reflect the + "./configure --without-x" for [250]-rawfb only operation (e.g. + embedded linux console devices.) + * The [251]-rotate option enables you to rotate or reflect the screen before exporting via VNC. This is intended for use on handhelds and other devices where the rotation orientation is not "natural". - * The "[248]-ultrafilexfer" alias is provided and improved UltraVNC + * The "[252]-ultrafilexfer" alias is provided and improved UltraVNC filetransfer rates have been achieved. - * Under the "[249]-connect_or_exit host" option x11vnc will exit + * Under the "[253]-connect_or_exit host" option x11vnc will exit immediately unless the reverse connection to host succeeds. The "-rfbport 0" option disables TCP listening for connections (useful - for this mode). - * The "[250]-rawfb rand" and "-rawfb none" options are useful for + for this mode.) + * The "[254]-rawfb rand" and "-rawfb none" options are useful for testing automation scripts, etc., without requiring a full desktop. - * Reduced spewing of information at startup, use "[251]-verbose" + * Reduced spewing of information at startup, use "[255]-verbose" (also "-v") to turn it back on for debugging or if you are going to send me a problem report. - Here are some [252]Previous Release Notes + Here are some [256]Previous Release Notes _________________________________________________________________ Some Notes: @@ -1278,14 +1284,14 @@ LAY protocol.) I suggest using xsetroot, dtstyle or similar utility to set a solid background while using x11vnc. You can turn the pretty background image back on when you are using the display directly. - Update: As of Feb/2005 x11vnc has the [253]-solid [color] option that + Update: As of Feb/2005 x11vnc has the [257]-solid [color] option that works on recent GNOME, KDE, and CDE and also on classic X (background - image is on the root window). Update: As of Oct/2007 x11vnc has the - [254]-ncache option that does a reasonable job caching the background + image is on the root window.) Update: As of Oct/2007 x11vnc has the + [258]-ncache option that does a reasonable job caching the background (and other) pixmap data on the viewer side. - I also find the [255]TightVNC encoding gives the best response for my - usage (Unix <-> Unix over cable modem). One needs a tightvnc-aware + I also find the [259]TightVNC encoding gives the best response for my + usage (Unix <-> Unix over cable modem.) One needs a tightvnc-aware vncviewer to take advantage of this encoding. TCP port issues: Notice the lines @@ -1293,20 +1299,20 @@ LAY PORT=5900 in the output. 5900 is the default VNC listening port (just like 6000 - is X11's default listening port). Had port 5900 been taken by some + is X11's default listening port.) Had port 5900 been taken by some other application, x11vnc would have next tried 5901. That would mean the viewer command above should be changed to vncviewer - far-away.east:1. You can force the port with the "[256]-rfbport NNNN" + far-away.east:1. You can force the port with the "[260]-rfbport NNNN" option where NNNN is the desired port number. If that port is already - taken, x11vnc will exit immediately. The "[257]-N" option will try to + taken, x11vnc will exit immediately. The "[261]-N" option will try to match the VNC display number to the X display. (also see the "SunRay Gotcha" note below) Options: x11vnc has (far too) many features that may be activated - via its [258]command line options. Useful options are, e.g., -scale to + via its [262]command line options. Useful options are, e.g., -scale to do server-side scaling, and -rfbauth passwd-file to use VNC password protection (the vncpasswd or storepasswd programs, or the x11vnc - [259]-storepasswd option can be used to create the password file). + [263]-storepasswd option can be used to create the password file.) Algorithm: How does x11vnc do it? Rather brute-forcedly: it continuously polls the X11 framebuffer for changes using @@ -1334,7 +1340,7 @@ LAY first testing out the programs. You get an interesting recursive/feedback effect where vncviewer images keep popping up each one contained in the previous one and slightly shifted a bit by the - window manager decorations. There will be an [260]even more + window manager decorations. There will be an [264]even more interesting effect if -scale is used. Also, if the XKEYBOARD is supported and the XBell "beeps" once, you get an infinite loop of beeps going off. Although all of this is mildly exciting it is not @@ -1344,8 +1350,8 @@ LAY Sun Ray Notes: - You can run x11vnc on your (connected or disconnected) [261]SunRay - session. Here are some [262]notes on SunRay usage with x11vnc. + You can run x11vnc on your (connected or disconnected) [265]SunRay + session. Here are some [266]notes on SunRay usage with x11vnc. _________________________________________________________________ @@ -1356,16 +1362,16 @@ LAY large areas) slow. Experiment with interacting a bit differently than you normally do to minimize the effects (e.g. do fullpage paging rather than line-by-line scrolling, and move windows in a - single, quick motion). Recent work has provided the - [263]-scrollcopyrect and [264]-wireframe speedups using the + single, quick motion.) Recent work has provided the + [267]-scrollcopyrect and [268]-wireframe speedups using the CopyRect VNC encoding and other things, but they only speed up some activities, not all. * A rate limiting factor for x11vnc performance is that graphics hardware is optimized for writing, not reading (x11vnc reads the - video framebuffer for the screen image data). The difference can + video framebuffer for the screen image data.) The difference can be a factor of 10 to 1000, and so it usually takes about 0.5-1 sec to read in the whole video hardware framebuffer (e.g. 5MB for - 1280x1024 at depth 24 with a read rate of 5-10MB/sec). So whenever + 1280x1024 at depth 24 with a read rate of 5-10MB/sec.) So whenever activity changes most of the screen (e.g. moving or iconifying a large window) there is a delay of 0.5-1 sec while x11vnc reads the changed regions in. @@ -1373,14 +1379,14 @@ LAY bottleneck on a fast LAN (whereas on slower links the reduced network bandwidth becomes the bottleneck.) Note: A quick way to get a 2X speedup of this for x11vnc is to - switch your X server from depth 24 (32bpp) to depth 16 (16bpp). + switch your X server from depth 24 (32bpp) to depth 16 (16bpp.) You get a 4X speedup going to 8bpp, but the lack of color cells is usually unacceptable. To get a sense of the read and write speeds of your video card, you can run benchmarks like: "x11perf -getimage500", "x11perf -putimage500", "x11perf -shmput500" and for XFree86 displays with direct graphics access the "dga" command (press "b" to run the - benchmark and then after a few seconds press "q" to quit). Even + benchmark and then after a few seconds press "q" to quit.) Even this "dd if=/dev/fb0 of=/dev/null" often gives a good estimate. x11vnc also prints out its estimate: 28/02/2009 11:11:07 Autoprobing TCP port @@ -1397,7 +1403,7 @@ LAY On XFree86/Xorg it is actually possible to increase the framebuffer read speed considerably (10-100 times) by using the Shadow Framebuffer (a copy of the framebuffer is kept in main - memory and this can be read much more quickly). To do this one + memory and this can be read much more quickly.) To do this one puts the line Option "ShadowFB" "true" in the Device section of the /etc/X11/XF86Config or /etc/X11/xorg.conf file. Note that this disables 2D acceleration at the physical display and so that might @@ -1405,7 +1411,7 @@ LAY display. Nevertheless this could be handy in some circumstances, e.g. if the slower speed while sitting at the physical display was acceptable (this seems to be true for most video cards these - days). Unfortunately it does not seem shadowfb can be turned on + days.) Unfortunately it does not seem shadowfb can be turned on and off dynamically... Another amusing thing one can do is use Xvfb as the X server, e.g. "xinit $HOME/.xinitrc -- /usr/X11R6/bin/Xvfb :1 -screen 0 @@ -1416,37 +1422,37 @@ LAY but we mention it because it may be of use for special purpose applications. You may need to use the "-cc 4" option to force Xvfb to use a TrueColor visual instead of DirectColor. See also the - description of the [265]-create option that does all of this + description of the [269]-create option that does all of this automatically for you. Also, a faster and more accurate way is to use the "dummy" - XFree86/Xorg device driver (or our Xdummy wrapper script). See - [266]this FAQ for details. + XFree86/Xorg device driver (or our Xdummy wrapper script.) See + [270]this FAQ for details. * Somewhat surprisingly, the X11 mouse (cursor) shape is write-only and cannot be queried from the X server. So traditionally in x11vnc the cursor shape stays fixed at an arrow. (see the "-cursor - X" and "-cursor some" [267]options, however, for a partial hack - for the root window, etc.). However, on Solaris using the SUN_OVL + X" and "-cursor some" [271]options, however, for a partial hack + for the root window, etc.) However, on Solaris using the SUN_OVL overlay extension, x11vnc can show the correct mouse cursor when - the [268]-overlay option is also supplied. A similar thing is done + the [272]-overlay option is also supplied. A similar thing is done on IRIX as well when -overlay is supplied. More generally, as of Dec/2004 x11vnc supports the new XFIXES extension (in Xorg and Solaris 10) to query the X server for the exact cursor shape, this works pretty well except that cursors with transparency (alpha channel) need to approximated to solid - RGB values (some cursors look worse than others). + RGB values (some cursors look worse than others.) * Audio from applications is of course not redirected (separate - redirectors do exist, e.g. esd, see [269]the FAQ on this below.) + redirectors do exist, e.g. esd, see [273]the FAQ on this below.) The XBell() "beeps" will work if the X server supports the XKEYBOARD extension. (Note that on Solaris XKEYBOARD is disabled - by default. Passing +kb to Xsun enables it). - * The scroll detection algorithm for the [270]-scrollcopyrect option + by default. Passing +kb to Xsun enables it.) + * The scroll detection algorithm for the [274]-scrollcopyrect option can give choppy or bunched up transient output and occasionally painting errors. * Using -threads can expose some bugs/crashes in libvncserver. - Please feel free to [271]contact me if you have any questions, + Please feel free to [275]contact me if you have any questions, problems, or comments about x11vnc, etc. - Also, some people ask if they can make a donation, see [272]this link + Also, some people ask if they can make a donation, see [276]this link for that. References @@ -1574,155 +1580,159 @@ References 121. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc 122. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads 123. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect - 124. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 125. http://www.virtualgl.org/ - 126. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc - 127. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr - 128. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache - 129. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rmflag - 130. http://sourceforge.net/projects/vencrypt/ - 131. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 132. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 133. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt - 134. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls - 135. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslonly - 136. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 124. http://bugs.freedesktop.org/show_bug.cgi?id=21454 + 125. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-repeat + 126. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip + 127. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 128. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 129. http://www.virtualgl.org/ + 130. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc + 131. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr + 132. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache + 133. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rmflag + 134. http://sourceforge.net/projects/vencrypt/ + 135. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 136. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt 138. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls - 139. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL - 140. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA - 141. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert - 142. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 143. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_oneport - 144. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir - 145. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 146. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi - 147. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf - 148. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport - 149. http://www.karlrunge.com/x11vnc/x11vnc.desktop - 150. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-o - 151. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 152. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen - 153. http://www.karlrunge.com/x11vnc/faq.html#infaq_gdm - 154. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc - 155. http://www.karlrunge.com/x11vnc/ssvnc.html - 156. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale - 157. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-geometry - 158. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-chatwindow - 159. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 160. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 161. http://www.karlrunge.com/x11vnc/ssvnc.html - 162. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect + 139. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslonly + 140. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 141. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt + 142. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls + 143. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL + 144. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA + 145. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert + 146. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 147. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_oneport + 148. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir + 149. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 150. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi + 151. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf + 152. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport + 153. http://www.karlrunge.com/x11vnc/x11vnc.desktop + 154. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-o + 155. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 156. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen + 157. http://www.karlrunge.com/x11vnc/faq.html#infaq_gdm + 158. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc + 159. http://www.karlrunge.com/x11vnc/ssvnc.html + 160. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale + 161. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-geometry + 162. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-chatwindow 163. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find 164. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 165. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 166. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy - 167. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssh - 168. http://www.uvnc.com/addons/repeater.html - 169. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect - 170. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 171. http://www.karlrunge.com/x11vnc/ssvnc.html - 172. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-advertise_truecolor - 173. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-finddpy - 174. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-listdpy - 175. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 176. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 177. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 178. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr - 179. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-autoport - 180. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ping - 181. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all - 182. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 183. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers - 184. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching - 185. http://www.karlrunge.com/x11vnc/ssvnc.html - 186. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop - 187. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 188. http://www.ultravnc.com/ - 189. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 190. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 191. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 192. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 193. http://www.karlrunge.com/x11vnc/faq.html#faq-avahi - 194. http://www.avahi.org/ - 195. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi - 196. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf - 197. http://www.karlrunge.com/x11vnc/ssvnc.html - 198. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 199. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 200. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 201. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 202. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 203. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 204. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forcedpms - 205. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clientdpms - 206. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms - 207. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-grabalways - 208. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 209. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 210. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl - 211. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir - 212. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx - 213. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 214. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 215. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 216. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect - 217. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect - 218. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nowireframelocal - 219. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N - 220. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms - 221. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer - 222. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 223. http://www.openssl.org/ - 224. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 225. http://www.stunnel.org/ - 226. http://stunnel.mirt.net/ - 227. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify - 228. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert - 229. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA - 230. http://www.karlrunge.com/x11vnc/ssl.html - 231. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https - 232. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer - 233. http://www.karlrunge.com/x11vnc/ssvnc.html - 234. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 235. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis - 236. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 237. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 238. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 239. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 240. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 241. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin - 242. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 243. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 244. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd - 245. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile - 246. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 247. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate - 248. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer - 249. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit + 165. http://www.karlrunge.com/x11vnc/ssvnc.html + 166. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect + 167. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 168. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 169. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 170. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy + 171. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssh + 172. http://www.uvnc.com/addons/repeater.html + 173. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect + 174. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 175. http://www.karlrunge.com/x11vnc/ssvnc.html + 176. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-advertise_truecolor + 177. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-finddpy + 178. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-listdpy + 179. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 180. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 181. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 182. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr + 183. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-autoport + 184. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ping + 185. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all + 186. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 187. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers + 188. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching + 189. http://www.karlrunge.com/x11vnc/ssvnc.html + 190. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop + 191. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 192. http://www.ultravnc.com/ + 193. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 194. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 195. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 196. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 197. http://www.karlrunge.com/x11vnc/faq.html#faq-avahi + 198. http://www.avahi.org/ + 199. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi + 200. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf + 201. http://www.karlrunge.com/x11vnc/ssvnc.html + 202. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 203. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 204. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 205. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 206. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 207. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 208. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forcedpms + 209. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clientdpms + 210. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms + 211. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-grabalways + 212. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 213. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 214. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl + 215. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir + 216. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx + 217. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 218. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 219. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 220. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect + 221. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect + 222. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nowireframelocal + 223. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N + 224. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms + 225. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer + 226. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 227. http://www.openssl.org/ + 228. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 229. http://www.stunnel.org/ + 230. http://stunnel.mirt.net/ + 231. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify + 232. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert + 233. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA + 234. http://www.karlrunge.com/x11vnc/ssl.html + 235. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https + 236. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer + 237. http://www.karlrunge.com/x11vnc/ssvnc.html + 238. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 239. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis + 240. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 241. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 242. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 243. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 244. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 245. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + 246. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 247. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 248. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd + 249. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile 250. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 251. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-v, - 252. http://www.karlrunge.com/x11vnc/prevrels.html - 253. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 254. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache - 255. http://www.tightvnc.com/ - 256. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport - 257. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N - 258. http://www.karlrunge.com/x11vnc/x11vnc_opts.html - 259. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd - 260. http://www.karlrunge.com/x11vnc/recurse_x11vnc.jpg - 261. http://www.sun.com/sunray/index.html - 262. http://www.karlrunge.com/x11vnc/sunray.html - 263. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 264. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 265. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 266. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb - 267. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor - 268. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay - 269. http://www.karlrunge.com/x11vnc/faq.html#faq-sound - 270. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 271. mailto:xvml@karlrunge.com - 272. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks + 251. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate + 252. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer + 253. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit + 254. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 255. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-v, + 256. http://www.karlrunge.com/x11vnc/prevrels.html + 257. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 258. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache + 259. http://www.tightvnc.com/ + 260. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport + 261. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N + 262. http://www.karlrunge.com/x11vnc/x11vnc_opts.html + 263. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd + 264. http://www.karlrunge.com/x11vnc/recurse_x11vnc.jpg + 265. http://www.sun.com/sunray/index.html + 266. http://www.karlrunge.com/x11vnc/sunray.html + 267. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 268. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 269. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 270. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 271. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor + 272. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay + 273. http://www.karlrunge.com/x11vnc/faq.html#faq-sound + 274. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 275. mailto:xvml@karlrunge.com + 276. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks ======================================================================= http://www.karlrunge.com/x11vnc/faq.html: @@ -1744,7 +1754,7 @@ http://www.karlrunge.com/x11vnc/faq.html: [5]Q-3: I just built x11vnc successfully, but when I use it my keystrokes and mouse button clicks are ignored (I am able to move the - mouse though). + mouse though.) [6]Q-4: Help, I need to run x11vnc on Solaris 2.5.1 (or other old Unix/Linux) and it doesn't compile! @@ -1810,7 +1820,7 @@ http://www.karlrunge.com/x11vnc/faq.html: [Color Issues] [24]Q-22: The X display I run x11vnc on is only 8 bits per pixel (bpp) - PseudoColor (i.e. only 256 distinct colors). The x11vnc colors may + PseudoColor (i.e. only 256 distinct colors.) The x11vnc colors may start out OK, but after a while they are incorrect in certain windows. [25]Q-23: Color problems: Why are the colors for some windows @@ -1828,7 +1838,7 @@ http://www.karlrunge.com/x11vnc/faq.html: using the -id windowid option to view a single application window? [29]Q-27: My X display is depth 24 at 24bpp (instead of the normal - depth 24 at 32bpp). I'm having lots of color and visual problems with + depth 24 at 32bpp.) I'm having lots of color and visual problems with x11vnc and/or vncviewer. What's up? [Xterminals] @@ -1904,7 +1914,7 @@ http://www.karlrunge.com/x11vnc/faq.html: different user? [49]Q-47: I use a screen-lock when I leave my workstation (e.g. - xscreensaver or xlock). When I remotely access my workstation desktop + xscreensaver or xlock.) When I remotely access my workstation desktop via x11vnc I can unlock the desktop fine, but I am worried people will see my activities on the physical monitor. What can I do to prevent this, or at least make it more difficult? @@ -1944,7 +1954,7 @@ http://www.karlrunge.com/x11vnc/faq.html: [60]Q-58: How can I use x11vnc to connect to an X login screen like xdm, GNOME gdm, KDE kdm, or CDE dtlogin? (i.e. nobody is logged into - an X session yet). + an X session yet.) [61]Q-59: Can I run x11vnc out of inetd(8)? How about xinetd(8)? @@ -1969,7 +1979,7 @@ http://www.karlrunge.com/x11vnc/faq.html: proxy or SSH? [68]Q-66: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a - real display, but for a virtual one I keep around). + real display, but for a virtual one I keep around.) [69]Q-67: How can I use x11vnc on "headless" machines? Why might I want to? @@ -1995,7 +2005,7 @@ http://www.karlrunge.com/x11vnc/faq.html: [76]Q-74: When I drag windows around with the mouse or scroll up and down things really bog down (unless I do the drag in a single, quick - motion). Is there anything to do to improve things? + motion.) Is there anything to do to improve things? [77]Q-75: Why not do something like wireframe animations to avoid the windows "lurching" when being moved or resized? @@ -2044,7 +2054,7 @@ http://www.karlrunge.com/x11vnc/faq.html: (i.e. greater than)! Strangely, typing ">" works OK!! [89]Q-87: Extra Character Inserted, E.g.: When I try to type a "<" - (i.e. less than) instead I get "<," (i.e. an extra comma). + (i.e. less than) instead I get "<," (i.e. an extra comma.) [90]Q-88: I'm using an "international" keyboard (e.g. German "de", or Danish "dk") and the -modtweak mode works well if the VNC viewer is @@ -2089,16 +2099,16 @@ http://www.karlrunge.com/x11vnc/faq.html: vncviewer scrollbars, what I can do? [100]Q-98: Does x11vnc support server-side framebuffer scaling? (E.g. - to make the desktop smaller). + to make the desktop smaller.) [101]Q-99: Does x11vnc work with Xinerama? (i.e. multiple monitors - joined together to form one big, single screen). + joined together to form one big, single screen.) [102]Q-100: Can I use x11vnc on a multi-headed display that is not Xinerama (i.e. separate screens :0.0, :0.1, ... for each monitor)? [103]Q-101: Can x11vnc show only a portion of the display? (E.g. for a - special purpose application or a very large screen). + special purpose application or a very large screen.) [104]Q-102: Does x11vnc support the XRANDR (X Resize, Rotate and Reflection) extension? Whenever I rotate or resize the screen x11vnc @@ -2106,7 +2116,7 @@ http://www.karlrunge.com/x11vnc/faq.html: [105]Q-103: Independent of any XRANDR, can I have x11vnc rotate and/or reflect the screen that the VNC viewers see? (e.g. for a handheld - whose screen is rotated 90 degrees). + whose screen is rotated 90 degrees.) [106]Q-104: Why is the view in my VNC viewer completely black? Or why is everything flashing around randomly? @@ -2114,7 +2124,7 @@ http://www.karlrunge.com/x11vnc/faq.html: [107]Q-105: I use Linux Virtual Consoles (VC's) to implement 'Fast User Switching' between users' sessions (e.g. Betty is on Ctrl-Alt-F7, Bobby is on Ctrl-Alt-F8, and Sid is on Ctrl-Alt-F1: they use those - keystrokes to switch between their sessions). How come the view in a + keystrokes to switch between their sessions.) How come the view in a VNC viewer connecting to x11vnc is either completely black or otherwise all messed up unless the X session x11vnc is attached to is in the active VC? @@ -2208,9 +2218,9 @@ http://www.karlrunge.com/x11vnc/faq.html: For the former error, you need to specify the X display to connect to (it also needs to be on the same machine the x11vnc process is to run - on). Set your DISPLAY environment variable (or use the [131]-display + on.) Set your DISPLAY environment variable (or use the [131]-display option) to specify it. Nearly always the correct value will be ":0" - (in fact, x11vnc will now assume :0 if given no other information). + (in fact, x11vnc will now assume :0 if given no other information.) For the latter error, you need to set up the X11 permissions @@ -2218,9 +2228,9 @@ http://www.karlrunge.com/x11vnc/faq.html: To make sure X11 permissions are the problem do this simple test: while sitting at the physical X display open a terminal window - (gnome-terminal, xterm, etc). You should be able to run x11vnc + (gnome-terminal, xterm, etc.) You should be able to run x11vnc successfully without any need for special steps or command line - options in that terminal (i.e. just type "x11vnc"). If that works OK + options in that terminal (i.e. just type "x11vnc".) If that works OK then you know X11 permissions are the only thing preventing it from working when you try to start x11vnc via, say, a remote shell. @@ -2231,7 +2241,7 @@ http://www.karlrunge.com/x11vnc/faq.html: /home/joe/.Xauthority or /var/gdm/:0.Xauth or /var/lib/kdm/A:0-crWk72K or /tmp/.gdmzndVlR, etc, etc.), or simply be sure you run x11vnc as the correct user (i.e. the user who is logged into the X session you - wish to view). + wish to view.) Note: The MIT cookie file contains the secret key that allows x11vnc to connect to the desired X display. @@ -2240,7 +2250,7 @@ http://www.karlrunge.com/x11vnc/faq.html: created for X forwarding that will cause problems. (Under some circumstances even su(1) and telnet(1) can set XAUTHORITY. See also the gdm parameter NeverPlaceCookiesOnNFS that sets XAUTHORITY to a - random filename in /tmp for the whole X session). + random filename in /tmp for the whole X session.) Running x11vnc as root is often not enough: you need to know where the MIT-MAGIC-COOKIE file for the desired X display is. @@ -2250,7 +2260,7 @@ http://www.karlrunge.com/x11vnc/faq.html: (this is for the display manager gdm and requires root permission to read the gdm cookie file, see [134]this faq for other display manager - cookie file names). + cookie file names.) Note as of Feb/2007 you can also try the [135]-find option instead of "-display ..." and see if that finds your display and Xauthority. @@ -2258,10 +2268,10 @@ http://www.karlrunge.com/x11vnc/faq.html: Less safe, but to avoid figuring out where the correct XAUTHORITY file is, if the person sitting at the physical X session types "xhost +localhost" then one should be able to attach x11vnc to the session - (from the same machine). The person could then type "xhost -localhost" + (from the same machine.) The person could then type "xhost -localhost" after x11vnc has connected to go back to the default permissions. Also, for some situations the "-users lurk=" option may soon be of use - (please read the documentation on the [136]-users option). + (please read the documentation on the [136]-users option.) To test out your X11 permissions from a remote shell, set DISPLAY and possibly XAUTHORITY (see your shell's man page, bash(1), tcsh(1), on @@ -2271,22 +2281,22 @@ http://www.karlrunge.com/x11vnc/faq.html: color visuals info) that means the X11 permissions are set up properly: xdpyinfo successfully connected to DISPLAY! You could also type xclock and make sure no errors are reported (a clock should - appear on the X display, press Ctrl-C to stop it). If these work, then + appear on the X display, press Ctrl-C to stop it.) If these work, then typing "x11vnc" in the same environment should also work. Important: if you cannot get your X11 permissions so that the xdpyinfo or xclock tests work, x11vnc also will not work (all of these X clients must be allowed to connect to the X server to function - properly). + properly.) Firewalls: Speaking of permissions, it should go without saying that the host-level [137]firewall will need to be configured to allow connections in on a port. E.g. 5900 (default VNC port) or 22 (default - SSH port for tunnelling VNC). Most systems these days have firewalls + SSH port for tunnelling VNC.) Most systems these days have firewalls turned on by default, so you will actively have to do something to poke a hole in the firewall at the desired port number. See your system administration tool for Firewall settings (Yast, Firestarter, - etc.). + etc.) Q-2: I can't get x11vnc and/or libvncserver to compile. @@ -2369,7 +2379,7 @@ libssl.so libcrypto.so libcrypt.so (either one you downloaded or built on another machine) there is a chance it won't work because that x11vnc binary requires libssl0.9.7 but the system only has libssl0.9.8 (which evidently is incompatible - with 0.9.7 and has a different SONAME). Your distro should allow you + with 0.9.7 and has a different SONAME.) Your distro should allow you do have both runtimes installed on your system: % dpkg -l libssl0.9.7 libssl0.9.8 ... @@ -2377,12 +2387,12 @@ libssl.so libcrypto.so libcrypt.so ii libssl0.9.8 0.9.8a-7ubuntu SSL shared libraries (in fact it should have installed both by default if it knew what it - was doing). See [139]here too. + was doing.) See [139]here too. Q-3: I just built x11vnc successfully, but when I use it my keystrokes and mouse button clicks are ignored (I am able to move the mouse - though). + though.) This is most likely due to you not having a working build environment for the XTEST client library libXtst.so. The library is probably @@ -2394,28 +2404,28 @@ libssl.so libcrypto.so libcrypt.so checking for XTestFakeKeyEvent in -lXtst... no The solution is to add the necessary build environment package (and - the library package if that is missing too). On Debian the build + the library package if that is missing too.) On Debian the build package is libxtst-dev. Other distros/OS's may have it in another package. x11vnc will build without support for this library (e.g. perhaps one - wants a view-only x11vnc on a stripped down or embedded system...). - And at runtime it will also continue to run even if the X server it + wants a view-only x11vnc on a stripped down or embedded system...) And + at runtime it will also continue to run even if the X server it connects to does not support XTEST. In both cases it cannot inject keystrokes or button clicks since XTEST is needed for that (it can - still move the mouse pointer using the X API XWarpPointer()). + still move the mouse pointer using the X API XWarpPointer().) You will see a warning message something like this at run time: 20/03/2005 22:33:09 WARNING: XTEST extension not available (either missing fr om 20/03/2005 22:33:09 display or client library libXtst missing at build time -). +.) 20/03/2005 22:33:09 MOST user input (pointer and keyboard) will be DISCARDE D. 20/03/2005 22:33:09 If display does have XTEST, be sure to build x11vnc wit h 20/03/2005 22:33:09 a working libXtst build environment (e.g. libxtst-dev, - 20/03/2005 22:33:09 or other packages). + 20/03/2005 22:33:09 or other packages.) 20/03/2005 22:33:09 No XTEST extension, switching to -xwarppointer mode for 20/03/2005 22:33:09 pointer motion input. @@ -2445,7 +2455,7 @@ h We have heard that since Dec/2004 a Solaris 2.6 built x11vnc will run on Solaris Solaris 2.5 and 2.5.1 (since a workaround for XConvertCase - is provided). + is provided.) In any event, here is a workaround for Solaris 2.5.1 (and perhaps earlier and perhaps non-Solaris): @@ -2480,7 +2490,7 @@ typedef unsigned int in_addr_t; [141]SunOS 4.x Please let us know if you had to use the above workaround (and whether - it worked or not). If there is enough demand we will try to push clean + it worked or not.) If there is enough demand we will try to push clean compilations back to earlier Solaris, Linux, etc, releases. @@ -2490,7 +2500,7 @@ typedef unsigned int in_addr_t; Hopefully the [142]build steps above and [143]FAQ provide enough info for a painless compile for most environments. Please report problems with the x11vnc configure, make, etc. on your system (if your system - is known to compile other GNU packages successfully). + is known to compile other GNU packages successfully.) There are precompiled x11vnc binaries built by other groups that are available at the following locations: @@ -2519,7 +2529,7 @@ typedef unsigned int in_addr_t; As a general note, the x11vnc program is simple enough you don't really need to install a package: the binary will in most cases work as is and from any location (as long as your system libraries are not - too old, etc). So, for Linux distributions that are not one of the + too old, etc.) So, for Linux distributions that are not one of the above, the x11vnc binary from the above packages has a good chance of working. You can "install" it by just copying the x11vnc binary to the desired directory in your PATH. Tip on extracting files from a Debian @@ -2570,7 +2580,7 @@ typedef unsigned int in_addr_t; x11vnc -wait 50 -localhost -rfbauth $HOME/.vnc/passwd -display :0 $* a similar thing can be done via aliases in your shell (bash, tcsh, - csh, etc..). + csh, etc..) Or as of Jun/2004 you can use the simple $HOME/.x11vncrc config file support. If that file exists, each line is taken as a command line @@ -2617,7 +2627,7 @@ display :0 at the physical X display (not remotely), using something like "x11vnc -display :0 -gui tray=setpass" might be something for them that they are accustomed to in a Desktop environment (it prompts for an initial - password, etc). This is a basic "Share My Desktop" usage mode. + password, etc.) This is a basic "Share My Desktop" usage mode. As of Nov/2008 in x11vnc 0.9.6 there is a desktop menu item (x11vnc.desktop) that runs this command: @@ -2632,7 +2642,7 @@ LAY default VNC port (5900)? Use something like, e.g., "x11vnc -rfbport 5901" to force it to use - port 5901 (this is VNC display :1). If something else is using that + port 5901 (this is VNC display :1.) If something else is using that port x11vnc will exit immediately. If you do not supply the -rfbport option, it will autoprobe starting at 5900 and work its way up to 5999 looking for a free port to listen on. In that case, watch for the @@ -2641,7 +2651,7 @@ LAY The "[171]-N" option will try to match the VNC display number to the X display (e.g. X11 DISPLAY of :5 (port 6005) will have VNC display :5 - (port 5905)). + (port 5905).) Also see the "[172]-autoport n" option to indicated at which value the auto probing should start at. @@ -2672,7 +2682,7 @@ LAY vncviewer third-machine.net:50 Or maybe two ports would be involved, e.g. the viewer goes to display - :51 (5951). It depends on the relay software being used. + :51 (5951.) It depends on the relay software being used. What software to run on third-machine? A TCP relay of some sort could be used... Try a google search on "tcp relay" or "ip relay". However, @@ -2681,7 +2691,7 @@ LAY Also, if you are not the admin of third-machine you'd have to convince the owner to allow you to install this software (and he would likely - need to open his server's firewall to allow the port through). + need to open his server's firewall to allow the port through.) It is recommended that [175]SSL is used for encryption (e.g. "[176]-ssl SAVE") when going over the internet. @@ -2692,10 +2702,10 @@ LAY Once that CGI script is set up on the website, both users go to, say, http://somesite.com/vncxfer (or maybe a "/cgi-bin" directory or ".cgi" - suffix must be used). Previously, both have agreed on the same session + suffix must be used.) Previously, both have agreed on the same session name (say by phone or email) , e.g. "5cows", and put that into the entry form on the vncxfer starting page (hopefully separated by a few - seconds, so the relay helper can fully start up at the first request). + seconds, so the relay helper can fully start up at the first request.) The page returned tells them the hostname and port number and possible command to use for forward (VNC Viewer) and reverse (VNC Server, i.e. @@ -2711,7 +2721,7 @@ LAY servers are not configured to do this, so you would need to ask the admin to do this for you. Nearly all free webspace sites, e.g. www.zendurl.com, will not allow your CGI script to be an open relay - like this. (If you find one that does allow this, let me know!). + like this. (If you find one that does allow this, let me know!) Maybe someday a clever trick will be thought up to relax the listening port requirement (e.g. use HTTP/CGI itself for the transfer... it is @@ -2745,12 +2755,12 @@ LAY vncviewer -encodings "copyrect tight zrle hextile" localhost:0 (we assume the old-style -encodings option needs to be used. See - [180]here for details.). + [180]here for details.) If the SSH machine has been configured (see sshd_config(5)) with the option GatewayPorts=yes, then the tunnel set up by the VNC Server will be reachable directly by the VNC viewer (as long as the SSH machine's - firewall does not block the port, 5933 in this example). So in that + firewall does not block the port, 5933 in this example.) So in that case the Viewer side does not need to run any ssh command, but rather only runs: vncviewer third-machine.net:33 @@ -2762,7 +2772,7 @@ LAY be run on the VNC Server side: x11vnc -ssh user@third-machine.net:33 ... - (the SSH passphrase may need to be supplied). + (the SSH passphrase may need to be supplied.) To automate on the VNC Viewer side, the user can use the [183]Enhanced TightVNC Viewer (SSVNC) by: @@ -2775,7 +2785,7 @@ LAY side doesn't need to create a SSH tunnel. In SSVNC the Viewer user could instead select 'Use SSL' and then, e.g., on the Server side supply "-ssl SAVE" to x11vnc. Then end-to-end SSL encryption would be - used (in addition to the SSH encryption on the Server-side leg). + used (in addition to the SSH encryption on the Server-side leg.) Q-13: Can I make x11vnc more quiet and also go into the background @@ -2830,7 +2840,7 @@ LAY There are some options. They are enabled by adding something like -Dxxxx=1 to the CPPFLAGS environment variable before running configure - (see the [191]build notes for general background). + (see the [191]build notes for general background.) /* * Mar/2006 * Build-time customization via CPPFLAGS. @@ -2842,7 +2852,7 @@ LAY * -DNOREPEAT=0 to have -repeat on by default. * -DADDKEYSYMS=0 to have -noadd_keysyms the default. * - * -DREMOTE_DEFAULT=0 to disable remote-control on by default (-yesremote). + * -DREMOTE_DEFAULT=0 to disable remote-control on by default (-yesremote.) * -DREMOTE_CONTROL=0 to disable remote-control mechanism completely. * -DEXTERNAL_COMMANDS=0 to disable the running of all external commands. * -DFILEXFER=0 disable filexfer. @@ -2917,7 +2927,7 @@ LAY * [198]x2x * [199]zvnc (MorphOS) - All of them will work with x11vnc (except x2x where it is not needed). + All of them will work with x11vnc (except x2x where it is not needed.) Q-20: I am running Win2VNC on my Windows machine and "x11vnc -nofb" on @@ -2927,17 +2937,17 @@ LAY Is the default visual of the X display you run x11vnc on low color (e.g. 8 bit per pixel PseudoColor)? (you can run xdpyinfo to check, - look in the "screen" section). There seems to be a bug in Win2VNC in + look in the "screen" section.) There seems to be a bug in Win2VNC in that it cannot deal correctly with colormaps (PseudoColor is the most - common example of a visual with a colormap). + common example of a visual with a colormap.) If so, there are a couple options. 1) Can you set the default visual on your display to be depth 24 TrueColor? Sun machines often have 8+24 overlay/multi-depth visuals, and you can make the default visual depth - 24 TrueColor (see fbconfig(1) and Xsun(1)). 2) As of Feb/2004 x11vnc + 24 TrueColor (see fbconfig(1) and Xsun(1).) 2) As of Feb/2004 x11vnc has the [200]-visual option to allow you to force the framebuffer visual to whatever you want (this usually messes up the colors unless - you are very clever). In this case, the option provides a convenient + you are very clever.) In this case, the option provides a convenient workaround for the Win2VNC bug: x11vnc -nofb -visual TrueColor -display :0 ... @@ -2957,13 +2967,13 @@ LAY [Color Issues] Q-22: The X display I run x11vnc on is only 8 bits per pixel (bpp) - PseudoColor (i.e. only 256 distinct colors). The x11vnc colors may + PseudoColor (i.e. only 256 distinct colors.) The x11vnc colors may start out OK, but after a while they are incorrect in certain windows. Use the [202]-flashcmap option to have x11vnc watch for changes in the colormap, and propagate those changes back to connected clients. This can be slow (since the whole screen must be updated over the network - whenever the colormap changes). This flashing colormap behavior often + whenever the colormap changes.) This flashing colormap behavior often happens if an application installs its own private colormap when the mouse is in its window. "netscape -install" is a well-known historical example of this. Consider reconfiguring the system to 16 bpp or depth @@ -2973,7 +2983,7 @@ LAY for flashing the colormap. Everything is dynamically transformed to depth 24 at 32 bpp using the colormaps. There may be painting errors however (see the following FAQ for tips on reducing and correcting - them). + them.) In some rare cases (SCO unixware) the [204]-notruecolor option has corrected colors on 8bpp displays. The red, green, and blue masks were @@ -2991,28 +3001,28 @@ LAY On some hardware (Sun/SPARC and SGI), the [206]-overlay option discussed a couple paragraphs down may solve this for you (you may - want to skip to it directly). On other hardware the less robust - [207]-8to24 option may help (also discussed below). + want to skip to it directly.) On other hardware the less robust + [207]-8to24 option may help (also discussed below.) Run xdpyinfo(1) to see what the default visual is and what the depths of the other visuals are. Does the default visual have a depth of 8 but there are other visuals of depth 24? If it does, can you possibly re-configure your X server to make a depth 24 visual the default? If you can do it, this will save you a lot of grief WRT colors and x11vnc - (and for general usage too!). Here is how I do this on an old + (and for general usage too!) Here is how I do this on an old Sparcstation 20 running Solaris 9 with SX graphics xinit -- -dev /dev/fb defclass TrueColor defdepth 24 and it works nicely (note: to log into console from the dtlogin window, select "Options -> Command Line Login", then login and enter - the above command). See the -dev section of the Xsun(1) manpage for a + the above command.) See the -dev section of the Xsun(1) manpage for a description of the above arguments. If you have root permission, a more permanent and convenient thing to do is to record the arguments in a line like: :0 Local local_uid@console root /usr/openwin/bin/Xsun -dev /dev/fb defclass TrueColor defdepth 24 - in /etc/dt/config/Xservers (copy /usr/dt/config/Xservers). Also look + in /etc/dt/config/Xservers (copy /usr/dt/config/Xservers.) Also look at the fbconfig(1) and related manpages (e.g. ffbconfig, m64config, pgxconfig, SUNWjfb_config, etc ...) for hardware framebuffer settings that may achieve the same effect. @@ -3020,7 +3030,7 @@ TrueColor defdepth 24 In general for non-Sun machines, look at the "-cc class" and related options in your X server manpage (perhaps Xserver(1)), it may allow modifying the default visual (e.g. "-cc 4", see <X11/X.h> for the - visual class numbers). On XFree86 some video card drivers (e.g. Matrox + visual class numbers.) On XFree86 some video card drivers (e.g. Matrox mga) have settings like Option "Overlay" "24,8" to support multi-depth overlays. For these, use the "-cc 4" X server command line option to get a depth 24 default visual. @@ -3045,12 +3055,12 @@ TrueColor defdepth 24 Misc. notes on -overlay mode: An amusing by-product of -overlay mode is that the mouse cursor shape is correct! (i.e. XFIXES is not - needed). The -overlay mode may be somewhat slower than normal mode due + needed.) The -overlay mode may be somewhat slower than normal mode due to the extra framebuffer manipulations that must be performed. Also, on Solaris there is a bug in that for some popup menus, the windows they overlap will have painting errors (flashing colors) while the popup is up (a workaround is to disable SaveUnders by passing -su to - Xsun, e.g. in your /etc/dt/config/Xservers file). + Xsun, e.g. in your /etc/dt/config/Xservers file.) The -8to24 mode: The [209]-8to24 x11vnc option (Jan/2006) is a kludge @@ -3090,11 +3100,11 @@ TrueColor defdepth 24 Colors still not working correctly? Run xwininfo on the application with the incorrect colors to verify that the depth of its visual is - different from the default visual depth (gotten from xdpyinfo). One + different from the default visual depth (gotten from xdpyinfo.) One possible workaround in this case is to use the [213]-id option to point x11vnc at the application window itself. If the application is complicated (lots of toplevel windows and popup menus) this may not be - acceptable, and may even crash x11vnc (but not the application). + acceptable, and may even crash x11vnc (but not the application.) It is theoretically possible to solve this problem in general (see xwd(1) for example), but it does not seem trivial or sufficiently fast @@ -3116,7 +3126,7 @@ TrueColor defdepth 24 The only workaround so far is to restart the X server with the "-cc 4" option to force TrueColor as the default visual (DirectColor is "-cc - 5"; see /usr/include/X11/X.h). The only place we have seen this is + 5"; see /usr/include/X11/X.h.) The only place we have seen this is with the virtual framebuffer server Xvfb on Xorg 7.2. So in that case you probably should restart it with something like this: "Xvfb :1 -cc 4 -screen 0 1280x1024x24". It should be possible for x11vnc to handle @@ -3134,7 +3144,7 @@ TrueColor defdepth 24 Run the xwininfo program in a terminal. It will ask you to click on the desired application window. After clicking, it will print out much - information, including the window id (e.g. 0x6000010). Also, the + information, including the window id (e.g. 0x6000010.) Also, the visual and depth of the window printed out is often useful in debugging x11vnc [216]color problems. @@ -3156,24 +3166,24 @@ TrueColor defdepth 24 you should be able to see these transient windows. If things are not working and you still want to do the single window - polling, try the [218]-sid windowid option ("shifted" windowid). + polling, try the [218]-sid windowid option ("shifted" windowid.) Q-27: My X display is depth 24 at 24bpp (instead of the normal depth - 24 at 32bpp). I'm having lots of color and visual problems with x11vnc + 24 at 32bpp.) I'm having lots of color and visual problems with x11vnc and/or vncviewer. What's up? First off, depth 24 at 24bpp (bpp=bits-per-pixel) is fairly uncommon and can cause problems in general. It also can be slower than depth 24 at 32bpp. You might want to switch to 32bpp (for XFree86 see the - "-fbbpp 32", DefaultFbBpp, FbBpp and related options). Perhaps you + "-fbbpp 32", DefaultFbBpp, FbBpp and related options.) Perhaps you have 24bpp because the video memory of the machine is low and the screen wouldn't fit in video RAM at 32bpp. For this case depth 16 at 16bpp might be an acceptable option. In any event x11vnc should handle depth 24 at 24bpp (although performance may be slower, and you may need to use the ZRLE encoding - instead of Tight). There are some caveats involving the viewer + instead of Tight.) There are some caveats involving the viewer however: The RealVNC Unix viewer cannot handle 24bpp from the server, it will @@ -3185,7 +3195,7 @@ TrueColor defdepth 24 correctly with the Tight encoding. The colors and screen ultimately get messed up. So you have to use a different encoding with the TightVNC vncviewer, try "zlib", "hextile", or one of the other - encodings (e.g. vncviewer -encodings "zlib hextile" ...). I have not + encodings (e.g. vncviewer -encodings "zlib hextile" ....) I have not checked the TightVNC or UltraVNC Windows viewers. It appears the older RealVNC Unix viewers (e.g. 3.3.3 and 3.3.7) can @@ -3220,7 +3230,7 @@ TrueColor defdepth 24 machine. Use the [221]-display option to point the display to that of the Xterminal (you'll of course need basic X11 permission to do that) and finally supply the [222]-noshm option (this enables the polling - over the network). + over the network.) If the Xterminal's X display is open to the network for connections, you might use something like "-display xterm123:0". If you are trying @@ -3230,7 +3240,7 @@ TrueColor defdepth 24 permissions need to allow the connection. The response will likely be sluggish (maybe only one "frame" per - second). This mode is not recommended except for "quick checks" of + second.) This mode is not recommended except for "quick checks" of hard to get to X servers. Use something like "-wait 150" to cut down on the polling rate. You may also need [223]-flipbyteorder if the colors get messed up due to endian byte order differences. @@ -3256,7 +3266,7 @@ TrueColor defdepth 24 copied to the Xterminal. If $HOME/.Xauthority is exported via NFS (this is insecure of course, but has been going on for decades), then x11vnc can simply pick it up via NFS (you may need to use the - [224]-auth option to point to the correct file). Other options include + [224]-auth option to point to the correct file.) Other options include copying the auth file using scp, or something like: central-server> xauth nextract - xterm123:0 | ssh xterm123 xauth nmerge - @@ -3280,7 +3290,7 @@ TrueColor defdepth 24 to set something up. It can be done!!! Some Xterminal projects have actually enabled "run locally" facilities for the running of an occasional app more efficiently locally on the Xterminal box (e.g. - realplayer). + realplayer.) Not recommended, but as a last resort, you could have x11vnc [226]poll the Xterminal Display over the network. For this you would run a @@ -3305,14 +3315,14 @@ TrueColor defdepth 24 drawing is done more inefficiently over the network. Something to consider, especially on a busy network. (BTW, this has all of the above permission, etc, problems: both vncviewer and x11vnc are X - client apps desired to be run on the Xterminal box). + client apps desired to be run on the Xterminal box.) [Sun Rays] Q-30: I'm having trouble using x11vnc with my Sun Ray session. The [227]Sun Ray technology is a bit like "VNC done in hardware" (the - Sun Ray terminal device, DTU, playing the role of the vncviewer). + Sun Ray terminal device, DTU, playing the role of the vncviewer.) Completely independent of that, the SunRay user's session is still an X server that speaks the X11 protocol and so x11vnc simply talks to the X server part to export the SunRay desktop to any place in the @@ -3336,7 +3346,7 @@ TrueColor defdepth 24 you cannot use the remote control, then you will have to kill the x11vnc process This can be done via: "kill NNNNN" (where NNNNN is the x11vnc process id number found from ps(1)), or "pkill x11vnc", or - "killall x11vnc" (Linux only). + "killall x11vnc" (Linux only.) If you have not put x11vnc in the background via the [233]-bg option or shell & operator, then simply press Ctrl-C in the shell where @@ -3381,7 +3391,7 @@ TrueColor defdepth 24 You may already have one in $HOME/.vnc/passwd if you have used, say, the vncserver program from the regular RealVNC or TightVNC packages - (i.e. launching the Xvnc server). Otherwise, you could use the + (i.e. launching the Xvnc server.) Otherwise, you could use the vncpasswd(1) program from those packages. As of Jun/2004 x11vnc supports the -storepasswd "pass" "file" @@ -3398,7 +3408,7 @@ TrueColor defdepth 24 you will be prompted for a password to save to ~/.vnc/passwd (your keystrokes when entering the password will not be echoed to the - screen). If you supply one argument, e.g. "x11vnc -storepasswd + screen.) If you supply one argument, e.g. "x11vnc -storepasswd ~/.mypass", the password you are prompted for will be stored in that file. @@ -3408,7 +3418,7 @@ TrueColor defdepth 24 You can use the [244]-usepw option to automatically use any password file you have in ~/.vnc/passwd or ~/.vnc/passwdfile (the latter is - used with the -passwdfile option). + used with the -passwdfile option.) x11vnc -usepw -display :0 ... @@ -3448,13 +3458,13 @@ TrueColor defdepth 24 [247]-passwdfile option to specify a file containing plain text passwords. Presumably this file is readable only by you, and ideally it is located on the machine x11vnc is run on (to avoid being snooped - on over the network). The first line of this file is the full-access + on over the network.) The first line of this file is the full-access password. If there is a second line in the file and it is non-blank, it is taken as the view-only password. (use "__EMPTY__" to supply an - empty one). + empty one.) View-only passwords currently do not work for the [248]-rfbauth - password option (standard VNC password storing mechanism). FWIW, note + password option (standard VNC password storing mechanism.) FWIW, note that although the output (usually placed in $HOME/.vnc/passwd) by the vncpasswd or storepasswd programs (or from x11vnc -storepasswd) looks encrypted they are really just obscured to avoid "casual" password @@ -3501,7 +3511,7 @@ TrueColor defdepth 24 They can be relaxed if you want to provide encryption other than stunnel or [255]-ssl (the constraint is automatically relaxed if SSH_CONNECTION is set and indicates you have ssh-ed in, however the - -localhost requirement is still enforced). + -localhost requirement is still enforced.) The two -unixpw modes have been tested on Linux, Solaris, Mac OS X, HP-UX, Tru64, FreeBSD, OpenBSD, and NetBSD. Additional testing is @@ -3542,7 +3552,7 @@ TrueColor defdepth 24 should not be trusted over the network, but on the local machine it should be accurate: otherwise root has been compromised and so there are more serious problems! Unfortunately recent Linux distros seem to - provide a random string (MD5 hash?) instead of the username). An + provide a random string (MD5 hash?) instead of the username.) An example script passed in via -accept scriptname that deduces the Unix username and limits who can be accepted might look something like this: @@ -3595,7 +3605,7 @@ exit 1 # reject it For "[266]-passwdfile cmd:command" the command is run and it returns a password list (like a password file, see the [267]-passwdfile - read:filename mode). Perhaps a dynamic, one-time password is retrieved + read:filename mode.) Perhaps a dynamic, one-time password is retrieved from a server this way. For "[268]-passwdfile custom:command" one gets complete control over @@ -3686,7 +3696,7 @@ exit 1 # reject it "[281]-allow host1,..." option to allow only specific hosts in. This option is useful if you want to insure that no one can even begin - a dialog with x11vnc from untrusted network interfaces (e.g. ppp0). + a dialog with x11vnc from untrusted network interfaces (e.g. ppp0.) The option [282]-localhost now implies "-listen localhost" since that is what most people expect it to do. @@ -3697,7 +3707,7 @@ exit 1 # reject it To do this specify "[283]-allow localhost". Unlike [284]-localhost this will leave x11vnc listening on all interfaces (but of course only - allowing in local connections, e.g. ssh redirs). Then you can later + allowing in local connections, e.g. ssh redirs.) Then you can later run "x11vnc -R allowonce:somehost" or use to gui to permit a one-shot connection from a remote host. @@ -3724,10 +3734,10 @@ exit 1 # reject it Yes, look at the "[286]-accept command" option, it allows you to specify an external command that is run for each new client. (use - quotes around the command if it contains spaces, etc.). If the - external command returns 0 (success) the client is accepted, otherwise - with any other return code the client is rejected. See below how to - also accept clients view-only. + quotes around the command if it contains spaces, etc.) If the external + command returns 0 (success) the client is accepted, otherwise with any + other return code the client is rejected. See below how to also accept + clients view-only. The external command will have the RFB_CLIENT_IP environment variable set to the client's numerical IP address, RFB_CLIENT_PORT its port @@ -3748,9 +3758,9 @@ exit 1 # reject it The popup window times out after 120 seconds, to change this behavior use "-accept popup:N" where N is the number of seconds (use 0 for no - timeout). More tricks: "-accept popupmouse" will only take mouse click + timeout.) More tricks: "-accept popupmouse" will only take mouse click responses, while "-accept popupkey" will only take keystroke responses - (popup takes both). After any of the 3 popup keywords you can supply a + (popup takes both.) After any of the 3 popup keywords you can supply a position of the window: +N+M, (the default is to center the window) e.g. -accept popupmouse+10+10. @@ -3766,12 +3776,12 @@ exit 1 # reject it associates the three actions: yes(accept), no(reject), and view(accept-view-only), with the numerical return (i.e. exit()) codes. Use "*" instead of a number to set the default action (e.g. in case - the external command returns an unexpected return code). + the external command returns an unexpected return code.) Here is an example -accept script called accept_or_lock. It uses xmessage and xlock (replace with your screen lock command, maybe it is "xscreensaver-command -lock", or kdesktop_lock, or "dtaction - LockDisplay"). It will prompt the user at the X display whether to + LockDisplay".) It will prompt the user at the X display whether to accept, reject, or accept view-only the client, but if the prompt times out after 60 seconds the screen is locked and the VNC client is accepted. This allows the remote access when no one is at the display. @@ -3780,7 +3790,7 @@ exit 1 # reject it # accept_or_lock: prompt user at X display whether to accept an incoming # VNC connection. If timeout expires, screen is locked # and the VNC viewer is accepted (allows remote access -# when no one is sitting at the display). +# when no one is sitting at the display.) # # usage: x11vnc ... -forever -accept 'yes:0,no:*,view:4 accept_or_lock' # @@ -3811,12 +3821,12 @@ exit 1 command" option. This is for the user's convenience only: the return code of the command is not interpreted by x11vnc. The same environment variables are set as in "-accept command" (except that RFB_MODE will - be "gone"). + be "gone".) As of Jan/2006 the "[291]-afteraccept command" option will run the command only after the VNC client has been accepted and authenticated. Like -gone the return code is not interpreted. RFB_MODE will be - "afteraccept"). + "afteraccept".) Q-46: I start x11vnc as root because it is launched via inetd(8) or a @@ -3836,7 +3846,7 @@ exit 1 Q-47: I use a screen-lock when I leave my workstation (e.g. - xscreensaver or xlock). When I remotely access my workstation desktop + xscreensaver or xlock.) When I remotely access my workstation desktop via x11vnc I can unlock the desktop fine, but I am worried people will see my activities on the physical monitor. What can I do to prevent this, or at least make it more difficult? @@ -3844,7 +3854,7 @@ exit 1 Probably most work environments would respect your privacy if you powered off the monitor. Also remember if people have physical access to your workstation they basically can do anything they want with it - (e.g. install a backdoor for later use, etc). + (e.g. install a backdoor for later use, etc.) In any event, as of Jun/2004 there is an experimental utility to make it more difficult for nosey people to see your x11vnc activities. The @@ -3853,7 +3863,7 @@ exit 1 the display monitor in the DPMS "off" state, if the DPMS state ever changes immediately start up the screen-lock program. The x11vnc user will notice something is happening and think about what to do next - (while the screen is in a locked state). + (while the screen is in a locked state.) This works (or at least has a chance of working) because if the intruder moves the mouse or presses a key on the keyboard, the monitor @@ -3866,7 +3876,7 @@ exit 1 The blockdpy utility is launched by the [294]-accept option and told to exit via the [295]-gone option (the vnc client user should - obviously re-lock the screen before disconnecting!). Instructions can + obviously re-lock the screen before disconnecting!) Instructions can be found in the source code for the utility at the above link. Roughly it is something like this: x11vnc ... -accept "blockdpy -bg -f $HOME/.bdpy" -gone "touch $HOME/.bdpy" @@ -3961,7 +3971,7 @@ exec @ARGV; * Log into the remote machine by pressing 'Open' and supplying username, password, etc. * In that SSH shell, start up x11vnc by typing the command: x11vnc - -display :0 plus any other desired options (e.g. -localhost). + -display :0 plus any other desired options (e.g. -localhost.) * Finally, start up your VNC Viewer in Windows and enter 'localhost:0' as the VNC server. @@ -3989,7 +3999,7 @@ exec @ARGV; "[312]-connect localhost" option to establish the reverse connection. In this case a Remote port redirection (not Local) is needed for port 5500 instead of 5900 (i.e. 'Source port: 5500' and - 'Destination: localhost:5500' for a Remote connection). + 'Destination: localhost:5500' for a Remote connection.) Q-51: How can I tunnel my connection to x11vnc via an encrypted SSL @@ -4000,14 +4010,14 @@ exec @ARGV; provide an encrypted channel without the need for Unix users, passwords, and key passphrases required for ssh (and at the other extreme SSL can also provide a complete signed certificate chain of - trust). On the other hand, since SSH is usually installed everywhere + trust.) On the other hand, since SSH is usually installed everywhere and firewalls often let its port through, ssh is frequently the path - of least resistance (it also nicely manages public keys for you). + of least resistance (it also nicely manages public keys for you.) Update: As of Feb/2006 x11vnc has the options [315]-ssl, [316]-stunnel, and [317]-sslverify to provide integrated SSL schemes. They are discussed [318]in the Next FAQ (you probably want to skip to - it now). + it now.) We include these non-built-in method descriptions below for historical reference. They are handy because can be used to create SSL tunnels to @@ -4056,10 +4066,10 @@ exec @ARGV; easily, and so can the [322]Enhanced TightVNC Viewer (SSVNC) package. Be sure to use a VNC password because unlike ssh by default the - encrypted SSL channel provides no authentication (only privacy). With + encrypted SSL channel provides no authentication (only privacy.) With some extra configuration one could also set up certificates to provide authentication of either or both sides as well (and hence avoid - man-in-the-middle attacks). See the stunnel and openssl documentation + man-in-the-middle attacks.) See the stunnel and openssl documentation and also [323]the key management section for details. stunnel has also been ported to Windows, and there are likely others @@ -4067,7 +4077,7 @@ exec @ARGV; found at the stunnel site and in this [324]article The article also shows the detailed steps to set up all the authentication certificates. (for both server and clients, see also the [325]x11vnc - utilities that do this). The default Windows client setup (no certs) + utilities that do this.) The default Windows client setup (no certs) is simpler and only 4 files are needed in a folder: stunnel.exe, stunnel.conf, libssl32.dll, libeay32.dll. We used an stunnel.conf containing: @@ -4124,13 +4134,12 @@ connect = 5900 SSL VNC Viewers: Regarding VNC viewers that "natively" do SSL unfortunately there do - not seem to be many. UltraVNC has an encryption plugin, but we have - not tried it (it does not seem to be SSL, however the [327]SingleClick - UltraVNC Java Viewer is SSL and is compatible with x11vnc's [328]-ssl - option and stunnel.) Commercial versions of VNC seem to have some SSL - built in, but we haven't tried those either and they probably wouldn't - work since the SSL negotiation is likely embedded in the VNC protocol - unlike our case where it is external. + not seem to be many. The [327]SingleClick UltraVNC Java Viewer is SSL + and is compatible with x11vnc's [328]-ssl option and stunnel.) + Commercial versions of VNC seem to have some SSL-like encryption built + in, but we haven't tried those either and they probably wouldn't work + since their (proprietary) SSL-like negotiation is likely embedded in + the VNC protocol unlike our case where it is external. Note: as of Mar/2006 libvncserver/x11vnc provides a [329]SSL-enabled Java applet that can be served up via the [330]-httpdir or [331]-http @@ -4160,13 +4169,13 @@ connect = 5900 SSL tunnels provide an encrypted channel without the need for Unix users, passwords, and key passphrases required for ssh (and at the other extreme SSL can also provide a complete signed certificate chain - of trust). On the other hand, since SSH is usually installed + of trust.) On the other hand, since SSH is usually installed everywhere and firewalls often let its port through, ssh is frequently the path of least resistance. Built-in SSL x11vnc options: - As of Feb/2006 the x11vnc [339]-ssl option automate the SSL tunnel + As of Feb/2006 the x11vnc [339]-ssl option automates the SSL tunnel creation on the x11vnc server side. An [340]SSL-enabled Java Viewer applet is also provided that can be served via HTTP or HTTPS to automate SSL on the client side. @@ -4174,9 +4183,9 @@ connect = 5900 The [341]-ssl mode uses the [342]www.openssl.org library if available at build time. - The mode requires an SSL certificate and key (i.e. .pem file). These + The mode requires an SSL certificate and key (i.e. .pem file.) These are usually created via the openssl(1) program (in fact in for "-ssl" - (same as "-ssl SAME") it will run openssl for you automatically). So + (same as "-ssl SAVE") it will run openssl for you automatically.) So the SSL is not completely "built-in" since this external tool need to be installed, but at least x11vnc runs it for you automatically. @@ -4219,23 +4228,22 @@ connect = 5900 As seen above, the PEM (privacy enhanced mail) file does not need to be supplied if the openssl(1) command is available in PATH, in that - case a self-signed, temporary certificate good only for the single - x11vnc session is created (this may take a while on very slow - machines). + case a self-signed, certificate good the current and subsequent x11vnc + sessions is created (this may take a while on very slow machines.) In general, the PEM file contains both the Certificate (i.e. public key) and the Private Key. Because of the latter, the file should be protected from being read by untrusted users. The best way to do this is to encrypt the key with a passphrase (note however this requires - supplying the passphrase each time x11vnc is started up). + supplying the passphrase each time x11vnc is started up.) See the discussion on [348]x11vnc Key Management for some utilities provided for creating and managing certificates and keys and even for creating your own Certificate Authority (CA) for signing VNC server and client certificates. This may be done by importing the certificate into Web Browser or Java plugin keystores, or pointing stunnel to it. - The wrapper script [349]ss_vncviewer provides an example on unix - (-verify option). + The wrapper script [349]ss_vncviewer provides an example on unix (see + the -verify option.) Here are some notes on the simpler default (non-CA) operation. To have x11vnc save the generated certificate and key, use the "SAVE" keyword @@ -4244,14 +4252,14 @@ connect = 5900 (this is the same as the default: "-ssl".) This way it will be saved in the default directory ~/.vnc/certs/ as server.crt (the certificate - only) and server.pem (both certificate and private key). This opens up + only) and server.pem (both certificate and private key.) This opens up the possibility of copying the server.crt to machines where the VNC Viewer will be run to enable authenticating the x11vnc SSL VNC server to the clients. When authentication takes place this way (or via the more sophisticated CA signing described [350]here), then Man-In-The-Middle-Attacks are prevented. Otherwise, the SSL encryption only provides protection against passive network traffic "sniffing" - (i.e. you are not protected against M-I-T-M attacks). Nowadays, most + (i.e. you are not protected against M-I-T-M attacks.) Nowadays, most people seem mostly concerned mainly about passive sniffing (and the default x11vnc SSL mode protects against it.) Note that there are hacker tools like dsniff/webmitm and cain that implement SSL @@ -4301,9 +4309,9 @@ connect = 5900 That indicates stunnel is listening on port 5900 for incoming SSL-wrapped VNC connections from viewers. x11vnc is listening for local connections on port 5950 in this case (remote viewers cannot - connect to it directly). For -stunnel to work the stunnel command must + connect to it directly.) For -stunnel to work the stunnel command must be installed on the machine and available in PATH (note stunnel is - often installed in sbin directories rather than bin). Note that the + often installed in sbin directories rather than bin.) Note that the default "-stunnel" by itself creates a temporary cert (as in "-ssl TMP".) @@ -4313,12 +4321,12 @@ connect = 5900 Notes on using "native" VNC Viewers with SSL: There aren't any native VNC Viewers that do SSL (ask your VNC viewer - developer to add the feature). So a tunnel must be setup that you + developer to add the feature.) So a tunnel must be setup that you point the VNC Viewer to. This is often STUNNEL. You can do this - [354]manually, or use the [355]ss_vncviewer script on Unix, or the + [354]manually, or use the [355]ss_vncviewer script on Unix, or our [356]Enhanced TightVNC Viewer (SSVNC) package on Unix, Windows, or MacOSX. See the next section for Java Web browser SSL VNC Viewers (you - only need a Java-enabled Web browser for it to work). + only need a Java-enabled Web browser for it to work.) Notes on the SSL enabled Java VNC Viewer provided in x11vnc classes/ssl/VncViewer.jar: @@ -4340,9 +4348,9 @@ connect = 5900 The Java viewer uses SSL to communicate securely with x11vnc. Note that the applet can optionally also be downloaded into your web - browser via HTTPS (which is HTTP over SSL). This way the HTML page and + browser via HTTPS (which is HTTP over SSL.) This way the HTML page and the Java applet itself are also delivered securely with SSL (as - opposed to only the VNC traffic being encrypted with SSL). + opposed to only the VNC traffic being encrypted with SSL.) For this case the output will be something like this: x11vnc -ssl SAVE -http @@ -4373,10 +4381,10 @@ connect = 5900 The https service provided thru the actual VNC port (5900 in the above example) can occasionally be slow or unreliable (it has to read some - input and try to guess if the connection is VNC or HTTP). If it is + input and try to guess if the connection is VNC or HTTP.) If it is unreliable for you and you still want to serve the Java applet via https, use the [362]-https option to get an additional port dedicated - to https (its URL will also be printed in the output). + to https (its URL will also be printed in the output.) Another possibility is to add the GET applet parameter: https://far-away.east:5900/?GET=1 @@ -4404,20 +4412,20 @@ connect = 5900 Unfortunately, it can be a little tricky getting the SSL VNC Java Viewer working with x11vnc. Here are some tips to getting working the first time (afterwards you can incrementally customize with more - complex settings). + complex settings.) * First try it on the LAN: Do NOT try to have it work the first time going through firewalls, Web proxies, home router port redirections, or Apache portal. Just try a direct connection over your LAN first (if you only have 1 machine and no LAN, just do a - direct connection to the same machine: localhost). If the LAN + direct connection to the same machine: localhost.) If the LAN machine you run x11vnc on has its own host-level firewall (most linux machine come with that on by default), disable it or at least let tcp ports 5800-6000 through. * First try HTTP to download the Java Applet: x11vnc can serve both the Java Applet jar file and VNC out of the same port (both - tunneled through SSL, see below). But it can lead to timing and + tunneled through SSL, see below.) But it can lead to timing and other problems. So first try HTTP instead of HTTPS to download the - Applet jar file (VncViewer.jar). That is to say try + Applet jar file (VncViewer.jar.) That is to say try http://hostname:5800 in your web browser first before trying https://hostname:5900. x11vnc will print out the ports and URLs it is using, so use the HTTP one it prints out. @@ -4440,7 +4448,7 @@ connect = 5900 * No inetd, Please: Even if you intend to deploy via inetd or xinetd eventually, get that working later (and remember do not use something like "-ssl TMP" that creates a new temporary SSL - certificate for every new socket connection). + certificate for every new socket connection.) * Nothing Fancy: Do not try fancy stuff like -svc, -create, -unixpw, "-users unixpw=", "-users sslpeer=", -sslverify, etc. Just get the simplest connection working first and then incrementally add what @@ -4461,9 +4469,9 @@ connect = 5900 (some users do it this way), the main thing is that the VNC traffic is encrypted with SSL. If you are having trouble even with the above baseline test case feel free to contact me (please send the Full - x11vnc output, not just part of it, and the complete x11vnc command - line, and the URL(s) entered in the browser, and anything else you can - think of.) + x11vnc output, not just part of it; the complete x11vnc command line; + the URL(s) entered in the browser; the full Java Console output; and + anything else you can think of.) Next, you can add the features you want one by one testing it still works each time. I suggest first turning on the HTTPS applet download @@ -4473,10 +4481,10 @@ connect = 5900 Next, turn on inetd if you intend to use that (this can be tricky too, be sure to use -oa logfile and inspect it carefully if there are - problems). If you are going to use non-standard ports (e.g. "-rfbport + problems.) If you are going to use non-standard ports (e.g. "-rfbport 443" as root), work on that next. Then enable the firewall, router port redirection channel (you will somehow need to be outside to do - that, maybe test that through another VNC session). + that, maybe test that through another VNC session.) Then, if you plan to use them, enable "fancy stuff" like "-svc" or "-unixpw", etc, etc. Be sure to add a password either "-rfbauth" or @@ -4491,7 +4499,7 @@ connect = 5900 port, you will need to apply the PORT applet parameter to indicate to the applet the Internet facing port number (otherwise by default the internal machine's port, say 5900, is sent and that of course is - rejected at the firewall/router). For example: + rejected at the firewall/router.) For example: https://far-away.east:443/?GET=1&PORT=443 So in this example the user configures his router to redirect @@ -4530,17 +4538,18 @@ connect = 5900 Note that sometimes if you pause too long at one of the above dialogs then x11vnc may exceed a timeout and assume the current socket connection is VNC instead of the HTTPS it actually is (but since you - have paused too long at the dialog the GET request comes too late). + have paused too long at the dialog the GET request comes too late.) Often hitting Reload and going through the dialogs more quickly will let you connect. The Java VM dialogs are the most important ones to NOT linger at. If you see in the x11vnc output a request for - VncViewer.class instead of VncViewer.jar it is too late... you may - need to restart the Web browser to get it to try for the jar again. - You can use the [370]-https option if you want a dedicated port for - HTTPS connections instead of sharing the VNC port. + VncViewer.class instead of VncViewer.jar it is too late... you will + need to completely restart the Web browser to get it to try for the + jar again. You can use the [370]-https option if you want a dedicated + port for HTTPS connections instead of sharing the VNC port. To see example x11vnc output for a successful https://host:5900/ - connection with the Java Applet see [371]This Page. + connection with the Java Applet see [371]This Page. And here is a + newer example [372]including the Java Console output. All of the x11vnc Java Viewer applet parameters are described in the file classes/ssl/README @@ -4551,13 +4560,13 @@ connect = 5900 If you want to use a native VNC Viewer with the SSL enabled x11vnc you will need to run an external SSL tunnel on the Viewer side. There do not seem to be any native SSL VNC Viewers outside of our x11vnc and - [372]SSVNC packages. The basic ideas of doing this were discussed - [373]for external tunnel utilities here. + [373]SSVNC packages. The basic ideas of doing this were discussed + [374]for external tunnel utilities here. - The [374]ss_vncviewer script provided with x11vnc and SSVNC can set up + The [375]ss_vncviewer script provided with x11vnc and SSVNC can set up the stunnel tunnel automatically on unix as long as the stunnel command is installed on the Viewer machine and available in PATH (and - vncviewer too of course). Note that on a Debian based system you will + vncviewer too of course.) Note that on a Debian based system you will need to install the package stunnel4 not stunnel. You can set the environment variables STUNNEL and VNCVIEWERCMD to point to the correct programs if you want to override the defaults. @@ -4580,20 +4589,22 @@ connect = 5900 The third one requires that the x11vnc server authenticate itself to the client against the certificate in the file ./server.crt (e.g. one created by "x11vnc -ssl SAVE" and safely copied to the VNC viewer - machine). The fourth one is for VNC Viewer authentication, it uses - ./client.pem to authenticate itself to x11vnc. One can supply both - -verify and -mycert simultaneously. + machine.) + + The fourth one is for VNC Viewer authentication, it uses ./client.pem + to authenticate itself to x11vnc. One can supply both -verify and + -mycert simultaneously. The fifth one shows that Web proxies can be used if that is the only way to get out of the firewall. If the "double proxy" situation arises - separate the two by commas. See [375]this page for more information on + separate the two by commas. See [376]this page for more information on how Web proxies come into play. - If one uses a Certificate Authority (CA) scheme described [376]here, + If one uses a Certificate Authority (CA) scheme described [377]here, the wrapper script would use the CA cert instead of the server cert: 3') ss_vncviewer -verify ./cacert.crt far-away.east:0 - Update Jul/2006: we now provide an [377]Enhanced TightVNC Viewer + Update Jul/2006: we now provide an [378]Enhanced TightVNC Viewer (SSVNC) package that starts up STUNNEL automatically along with some other features. All binaries (stunnel, vncviewer, and some utilities) are provided in the package. It works on Unix, Mac OS X, and Windows. @@ -4603,12 +4614,12 @@ connect = 5900 tunneling when going through a Web Proxy? The SSL enabled Java VNC Viewer and firewall Proxies: - SSL/https aside, there is a general problem with Firewall Proxies and - Java Applets that open sockets. The applet is downloaded successfully - (through the browser) using http and the proxy, but when the applet - tries to reconnect to the originating host (the only one allowed by - security) it does not use the proxy channel. So it cannot reconnect to - the server the applet came from! + SSL and HTTPS aside, there is a general problem with Firewall Proxies + and Java Applets that open sockets. The applet is downloaded + successfully (through the browser) using HTTP and the proxy, but when + the applet tries to reconnect to the originating host (the only one + allowed by security) it does not use the proxy channel. So it cannot + reconnect to the server the applet came from! We have found a convenient workaround: in the directory where VncViewer.jar resides there is a digitally signed version of the same @@ -4618,9 +4629,9 @@ connect = 5900 You should say "Yes". If you do, the applet will be run in a mode where it can try to determine the firewall proxy host name and port - (it will ask you for them if it cannot find them). This way it can + (it will ask you for them if it cannot find them.) This way it can connect directly to the Proxy and then request the CONNECT method to - be redirected to the originating host (the x11vnc VNC Server). SSL is + be redirected to the originating host (the x11vnc VNC Server.) SSL is then layered over this socket. To do this you should use the proxy.vnc HTML file like via this URL in @@ -4637,7 +4648,7 @@ connect = 5900 port 443 (HTTPS) and 563 (SNEWS) by default. In this case, the only thing to do is run x11vnc on that low port, e.g. "-rfbport 443", (or use a port redirection on, say, a firewall or router port 443 to the - internal machine). + internal machine.) If you do such a redirection to an internal machine and x11vnc is not listening on port 443, you will probably need to edit proxy.vnc. @@ -4656,17 +4667,20 @@ connect = 5900 https://yourmachine.com/proxy.vnc?PORT=443 this is cleaner because it avoids editing the file, but requires more - parameters in the URL. See also the [378]-httpsredir option that will - try to automate this for you. To use the GET [379]trick discussed - above, do: + parameters in the URL. See also the [379]-httpsredir x11vnc option + that will try to automate this for you. To use the GET [380]trick + discussed above, do: https://yourmachine.com/proxy.vnc?GET=1&PORT=443 All of the x11vnc Java Viewer applet parameters are described in the file classes/ssl/README + Here is an example of Java Console and x11vnc output for the [381]Web + proxy case. + - Note that both the [380]ss_vncviewer stunnel Unix wrapper script and - [381]Enhanced TightVNC Viewer (SSVNC) can use Web proxies as well even + Note that both the [382]ss_vncviewer stunnel Unix wrapper script and + [383]Enhanced TightVNC Viewer (SSVNC) can use Web proxies as well even though they do not involve a Web browser. @@ -4674,7 +4688,7 @@ connect = 5900 SSL from the Internet with a Web browser to x11vnc running on their workstations behind a firewall? Yes. You will need to configure apache to forward these connections. - It is discussed [382]here. This provides a clean alternative to the + It is discussed [384]here. This provides a clean alternative to the traditional method where the user uses SSH to log in through the gateway to create the encrypted port redirection to x11vnc running on her desktop. @@ -4682,7 +4696,7 @@ connect = 5900 Q-56: Can I create and use my own SSL Certificate Authority (CA) with x11vnc? - Yes, see [383]this page for how to do this and the utility commands + Yes, see [385]this page for how to do this and the utility commands x11vnc provides to create and manage many types of certificates and private keys. @@ -4701,21 +4715,21 @@ connect = 5900 need to have sufficient permissions to connect to the X display. Here are some ideas: - * Use the description under "Continuously" in the [384]FAQ on x11vnc + * Use the description under "Continuously" in the [386]FAQ on x11vnc and Display Managers - * Use the description in the [385]FAQ on x11vnc and inetd(8) - * Use the description in the [386]FAQ on Unix user logins and + * Use the description in the [387]FAQ on x11vnc and inetd(8) + * Use the description in the [388]FAQ on Unix user logins and inetd(8) * Start x11vnc from your $HOME/.xsession (or $HOME/.xinitrc or autostart script or ...) - * Although less reliable, see the [387]x11vnc_loop rc.local hack + * Although less reliable, see the [389]x11vnc_loop rc.local hack below. The display manager scheme will not be specific to which user has the X session unless a test is specifically put into the display startup - script (often named Xsetup). The inetd(8) scheme may or may not be + script (often named Xsetup.) The inetd(8) scheme may or may not be specific to which user has the X session (and it may not be able to do - all users via the XAUTHORITY permission issues). + all users via the XAUTHORITY permission issues.) The .xsession/.xinitrc scheme is obviously is specific to a particular user and only when they are logged into X. If you do not know what a @@ -4730,20 +4744,20 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg X startup scripts (traditionally .xsession/.xinitrc) may have to be in a different directory or have a different basename. One user recommends the description under 'Running Scripts Automatically' at - [388]this link. + [390]this link. - Firewalls: note all methods will require the host-level [389]firewall + Firewalls: note all methods will require the host-level [391]firewall to be configured to allow connections in on a port. E.g. 5900 (default - VNC port) or 22 (default SSH port for tunnelling VNC). Most systems + VNC port) or 22 (default SSH port for tunnelling VNC.) Most systems these days have firewalls turned on by default, so you will actively have to do something to poke a hole in the firewall at the desired port number. See your system administration tool for Firewall settings - (Yast, Firestarter, etc.). + (Yast, Firestarter, etc.) Q-58: How can I use x11vnc to connect to an X login screen like xdm, GNOME gdm, KDE kdm, or CDE dtlogin? (i.e. nobody is logged into an X - session yet). + session yet.) _________________________________________________________________ One time only: If the X login screen is running and you just want to @@ -4754,13 +4768,13 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg while running x11vnc as root, e.g. for the gnome display manager, gdm: x11vnc -auth /var/gdm/:0.Xauth -display :0 - (the [390]-auth option sets the XAUTHORITY variable for you). + (the [392]-auth option sets the XAUTHORITY variable for you.) There will be a similar thing for xdm using however a different auth directory path (perhaps something like /var/lib/xdm/authdir/authfiles/A:0-XQvaJk for xdm or /var/lib/kdm/A:0-crWk72 (or /var/run/xauth/A:0-qQPftr, etc. etc) for - kdm, where the random characters in the basename will vary). Read your + kdm, where the random characters in the basename will vary.) Read your system docs to find out where the display manager cookie files are kept. @@ -4776,14 +4790,14 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg (or /etc/gdm/gdm.conf, etc.) avoids this. Otherwise, just restart x11vnc and then reconnect your viewer. Other display managers (kdm, etc) may also have a similar problem. One user reports having to alter - "gdm.conf-custom" as well. Update Nov/2008: See also the [391]-reopen + "gdm.conf-custom" as well. Update Nov/2008: See also the [393]-reopen option for another possible workaround. Note: Solaris: For dtlogin in addition to the above sort of trick (BTW, the auth file should be in /var/dt), you'll also need to add something like Dtlogin*grabServer:False to the Xconfig file (/etc/dt/config/Xconfig or /usr/dt/config/Xconfig on Solaris, see - [392]the example at the end of this FAQ). Then restart dtlogin, e.g.: + [394]the example at the end of this FAQ.) Then restart dtlogin, e.g.: /etc/init.d/dtlogin stop; /etc/init.d/dtlogin start or reboot. _________________________________________________________________ @@ -4795,8 +4809,8 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg script. Please consider the security implications of this! The VNC display for - the X session always accessible (but hopefully password protected). - Add [393]-localhost if you only plan to access via a [394]SSH tunnel. + the X session always accessible (but hopefully password protected.) + Add [395]-localhost if you only plan to access via a [396]SSH tunnel. The name of the display manager startup script file depends on desktop used and seem to be: @@ -4827,7 +4841,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg -forever -bg where you should customize the exact command to your needs (e.g. - [395]-localhost for SSH tunnel-only access; [396]-ssl SAVE for SSL + [397]-localhost for SSH tunnel-only access; [398]-ssl SAVE for SSL access; etc.) Happy, happy, joy, joy: Note that we do not need to specify -display @@ -4835,12 +4849,12 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg and XAUTHORITY environment variables for the Xsetup script!!! You may also want to force the VNC port with something like "-rfbport - 5900" (or [397]-N) to avoid autoselecting one if 5900 is already + 5900" (or [399]-N) to avoid autoselecting one if 5900 is already taken. _________________________________________________________________ Fedora/gdm: Here is an example of what we did on a vanilla install of - Fedora-C3 (seems to use gdm by default). Add a line like this to + Fedora-C3 (seems to use gdm by default.) Add a line like this to /etc/X11/gdm/Init/:0 /usr/local/bin/x11vnc -rfbauth /etc/x11vnc.passwd -forever -bg -o /var/log/x1 1vnc.log @@ -4849,9 +4863,9 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg etc.) in the [daemon] section: KillInitClients=false - Then restart: /usr/sbin/gdm-restart (or reboot). The + Then restart: /usr/sbin/gdm-restart (or reboot.) The KillInitClients=false setting is important: without it x11vnc will be - killed immediately after the user logs in. Here are [398]full details + killed immediately after the user logs in. Here are [400]full details on how to configure gdm _________________________________________________________________ @@ -4873,13 +4887,13 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg /usr/local/bin/x11vnc -forever -o /var/log/x11vnc.log -bg (tweaked to your local setup and preferences, a password via -rfbauth, - etc. would be a very good idea). + etc. would be a very good idea.) Restart the X server and dtlogin: /etc/init.d/dtlogin stop /etc/init.d/dtlogin start - (or reboot or maybe just restart the X session). + (or reboot or maybe just restart the X session.) _________________________________________________________________ KDM: One user running the kdm display manager reports putting this @@ -4893,22 +4907,22 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg If you do not want to deal with any display manager startup scripts, here is a kludgey script that can be run manually or out of a boot - file like rc.local: [399]x11vnc_loop It will need some local + file like rc.local: [401]x11vnc_loop It will need some local customization before running. Because the XAUTHORITY auth file must be guessed by this script, use of the display manager script method - described above is greatly preferred. There is also the [400]-loop + described above is greatly preferred. There is also the [402]-loop option that does something similar. If the machine is a traditional Xterminal you may want to read - [401]this FAQ. + [403]this FAQ. - Firewalls: note all methods will require the host-level [402]firewall + Firewalls: note all methods will require the host-level [404]firewall to be configured to allow connections in on a port. E.g. 5900 (default - VNC port) or 22 (default SSH port for tunnelling VNC). Most systems + VNC port) or 22 (default SSH port for tunnelling VNC.) Most systems these days have firewalls turned on by default, so you will actively have to do something to poke a hole in the firewall at the desired port number. See your system administration tool for Firewall settings - (Yast, Firestarter, etc.). + (Yast, Firestarter, etc.) Q-59: Can I run x11vnc out of inetd(8)? How about xinetd(8)? @@ -4918,9 +4932,9 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg 5900 stream tcp nowait root /usr/sbin/tcpd /usr/local/bin/x11vnc_sh - where the shell script /usr/local/bin/x11vnc_sh uses the [403]-inetd + where the shell script /usr/local/bin/x11vnc_sh uses the [405]-inetd option and looks something like (you'll need to customize to your - settings). + settings.) #!/bin/sh /usr/local/bin/x11vnc -inetd -display :0 -auth /home/fred/.Xauthority \ -rfbauth /home/fred/.vnc/passwd -o /var/log/x11vnc_sh.log @@ -4928,23 +4942,23 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg Important: Note that you must redirect the standard error output to a log file (e.g. -o logfile) or "2>/dev/null" for proper operation via inetd (otherwise the standard error also goes to the VNC vncviewer, - and that confuses it greatly, causing it to abort). If you do not use + and that confuses it greatly, causing it to abort.) If you do not use a wrapper script as above but rather call x11vnc directly in /etc/inetd.conf and do not redirect stderr to a file, then you must - specify the -q (aka [404]-quiet) option: "/usr/local/bin/x11vnc -q + specify the -q (aka [406]-quiet) option: "/usr/local/bin/x11vnc -q -inetd ...". When you supply both -q and -inet and no "-o logfile" then stderr will automatically be closed (to prevent, e.g. library - stderr messages leaking out to the viewer). The recommended practice + stderr messages leaking out to the viewer.) The recommended practice is to use "-o logfile" to collect the output in a file or wrapper script with "2>logfile" redirection because the errors and warnings printed out are very useful in troubleshooting problems. - Note also the need to set XAUTHORITY via [405]-auth to point to the + Note also the need to set XAUTHORITY via [407]-auth to point to the MIT-COOKIE auth file to get permission to connect to the X display (setting and exporting the XAUTHORITY variable accomplishes the same - thing). See the x11vnc_loop file in the previous question for more + thing.) See the x11vnc_loop file in the previous question for more ideas on what that auth file may be, etc. The scheme described in the - [406]FAQ on Unix user logins and inetd(8) works around the XAUTHORITY + [408]FAQ on Unix user logins and inetd(8) works around the XAUTHORITY issue nicely. Note: On Solaris you cannot have the bare number 5900 in @@ -4956,8 +4970,8 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg users on the machine. Perhaps /var/log is a better place. Be sure to look at your /etc/hosts.allow and /etc/hosts.deny settings - to limit the machines that can connect to this service (your - desktop!). For the above example with /etc/hosts.allow: + to limit the machines that can connect to this service (your desktop!) + For the above example with /etc/hosts.allow: x11vnc_sh : 123.45.67.89 A really safe way to do things is to limit the above inetd to @@ -5029,9 +5043,9 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 it automatically? Yes, as of Feb/2007 x11vnc supports mDNS / Zeroconf advertising of its - service via the Avahi client library. Use the option [407]-avahi (same - as [408]-mdns or [409]-zeroconf) to enable it. Depending on your setup - you may need to install [410]Avahi (including the development/build + service via the Avahi client library. Use the option [409]-avahi (same + as [410]-mdns or [411]-zeroconf) to enable it. Depending on your setup + you may need to install [412]Avahi (including the development/build packages), enable the server: avahi-daemon and avahi-dnsconfd, and possibly open up UDP port 5353 on your firewall. @@ -5047,7 +5061,7 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 It appears SuSE 10.1 comes with avahi (or you can add packages, e.g. avahi-0.6.5-27) but not the development package (you can use the - OpenSuSE avahi-devel rpm). Unfortunately, you may need to disable + OpenSuSE avahi-devel rpm.) Unfortunately, you may need to disable another Zeroconf daemon "/etc/init.d/mdnsd stop", before doing "/etc/init.d/avahi-daemon start" and "/etc/init.d/avahi-dnsconfd start". We also had to comment out the browse-domains line in @@ -5060,36 +5074,36 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 machine and then connect to it? How about starting an X session if one cannot be found? - The easiest way to do this is via [411]inetd(8) using the [412]-unixpw - and [413]-display WAIT options. The reason inetd(8) makes this easier + The easiest way to do this is via [413]inetd(8) using the [414]-unixpw + and [415]-display WAIT options. The reason inetd(8) makes this easier is that it starts a new x11vnc process for each new user connection. Otherwise a wrapper would have to listen for connections and spawn new - x11vnc's (see [414]this example and also the [415]-loopbg option). + x11vnc's (see [416]this example and also the [417]-loopbg option.) Also with inetd(8) users always connect to a fixed VNC display, say hostname:0, and do not need to memorize a special VNC display number just for their personal use, etc. - Update: Use the [416]-find, [417]-create, [418]-svc, and [419]-xdmsvc + Update: Use the [418]-find, [419]-create, [420]-svc, and [421]-xdmsvc options that are shorthand for common FINDCREATEDISPLAY usage modes (e.g. terminal services) described below. (i.e. just use "-svc" instead of "-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb -unixpw -users unixpw= -ssl SAVE") - The [420]-display WAIT option makes x11vnc wait until a VNC viewer is + The [422]-display WAIT option makes x11vnc wait until a VNC viewer is connected before attaching to the X display. Additionally it can be used to run an external command that returns the DISPLAY and XAUTHORITY data. We provide some useful builtin ones (FINDDISPLAY and FINDCREATEDISPLAY below), but in principle one could supply "-display WAIT:cmd=/path/to/find_display" where the script find_display might - look something like [421]this. + look something like [423]this. A default script somewhat like the above is used under "-display - WAIT:cmd=FINDDISPLAY" (same as [422]-find) (use - "WAIT:cmd=FINDDISPLAY-print" to print out the gnarly script). The + WAIT:cmd=FINDDISPLAY" (same as [424]-find) (use + "WAIT:cmd=FINDDISPLAY-print" to print out the gnarly script.) The format for any such command is that it returns DISPLAY=:disp as the first line and any remaining lines are either XAUTHORITY=file or raw - xauth data (the above example does the latter). If applicable (-unixpw + xauth data (the above example does the latter.) If applicable (-unixpw mode), the program is run as the Unix user name who logged in. On Linux if the virtual terminal is known the program should append @@ -5097,10 +5111,10 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 Or if you only know the X server process ID and suspect a chvt will be needed append ",XPID=n". - Tip: Note that the [423]-find option is an alias for "-display + Tip: Note that the [425]-find option is an alias for "-display WAIT:cmd=FINDDISPLAY". Use it! - The [424]-unixpw option allows [425]UNIX password logins. It + The [426]-unixpw option allows [427]UNIX password logins. It conveniently knows the Unix username whose X display should be found. Here are a couple /etc/inetd.conf examples for this: 5900 stream tcp nowait nobody /usr/sbin/tcpd /usr/local/bin/x11vnc -inetd @@ -5114,43 +5128,43 @@ xpw= Note the very long lines have been split. An alternative is to use a wrapper script, e.g. /usr/local/bin/x11vnc.sh that has all of the - options. (see also the [426]-svc alias). + options. (see also the [428]-svc alias.) In the first one x11vnc is run as user "nobody" and stays user nobody during the whole session. The permissions of the log files and certs directory will need to be set up to allow "nobody" to use them. In the second one x11vnc is run as root and switches to the user that - logs in due to the "[427]-users unixpw=" option. + logs in due to the "[429]-users unixpw=" option. - Note that [428]SSL is required for this mode because otherwise the + Note that [430]SSL is required for this mode because otherwise the Unix password would be passed in clear text over the network. In general -unixpw is not required for this sort of scheme, but it is convenient because it determines exactly who the Unix user is whose display should be sought. Otherwise the find_display script would have to use some method to work out DISPLAY, XAUTHORITY, etc (perhaps you - use multiple inetd ports and hardwire usernames for different ports). + use multiple inetd ports and hardwire usernames for different ports.) - If you really want to disable the SSL or SSH [429]-localhost + If you really want to disable the SSL or SSH [431]-localhost constraints (this is not recommended unless you really know what you are doing: Unix passwords sent in clear text is a very bad idea...) - read the [430]-unixpw documentation. + read the [432]-unixpw documentation. A inetd(8) scheme for a fixed user that doesn't use SSL or unix passwds could be: /usr/local/bin/x11vnc -inetd -users =fred -find -rfbauth /home/fred/.vnc/passwd -o /var/log/x11vnc.log - The "[431]-users =fred" option will cause x11vnc to switch to user + The "[433]-users =fred" option will cause x11vnc to switch to user fred and then find his X display. A recently (Nov/2006) added extension to FINDDISPLAY is FINDCREATEDISPLAY where if it does not find a display via the FINDDISPLAY method it will create an X server session for the user - (i.e. desktop/terminal server). This is the only time x11vnc actually + (i.e. desktop/terminal server.) This is the only time x11vnc actually tries to start up an X server. By default it will only try to start up - virtual (non-hardware) X servers: first [432]Xdummy and if that is not + virtual (non-hardware) X servers: first [434]Xdummy and if that is not available then Xvfb. Note that Xdummy requires root permission and only works on Linux whereas Xvfb works just about everywhere. @@ -5160,19 +5174,19 @@ xpw= -display WAIT:cmd=FINDCREATEDISPLAY -prog /usr/local/bin/x11vnc Where the very long lines have been split. This will allow direct SSL - (e.g. [433]ss_vncviewer) access and also Java Web browers access via: + (e.g. [435]ss_vncviewer) access and also Java Web browers access via: https://hostname:5900/. - Tip: Note that the [434]-create option is an alias for "-display + Tip: Note that the [436]-create option is an alias for "-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb". - Tip: Note that [435]-svc is a short hand for the long "-ssl SAVE + Tip: Note that [437]-svc is a short hand for the long "-ssl SAVE -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY" part. Unlike -create, this alias also sets up SSL encryption and Unix password login. Tip: In addition to the usual unixpw parameters, the user can specify - after his username (following a ":" see [436]-display WAIT for + after his username (following a ":" see [438]-display WAIT for details) for FINDCREATEDISPLAY they can add "geom=WxH" or "geom=WxHxD" to specify the width, height, and optionally the color depth. E.g. "fred:geom=800x600" at the login: prompt. Also if the env. var @@ -5181,12 +5195,12 @@ xpw= You can set the env. var X11VNC_SKIP_DISPLAY to a comma separated list of displays to ignore in the FINDDISPLAY process (to force creation of - new displays in some cases). + new displays in some cases.) If you do not plan on using the Java Web browser applet you can remove the -http (and -prog) option since this will speed up logging-in by a few seconds (x11vnc will not have to wait to see if a connection is - HTTPS or VNC). + HTTPS or VNC.) For reference, xinetd format in the file, say, /etc/xinetd.d/x11vnc: service x11vnc @@ -5209,8 +5223,8 @@ service x11vnc WAIT:cmd=FINDCREATEDISPLAY-X,Xvfb,Xdummy". The "X" one means to try to start up a real, hardware X server, e.g. startx(1) (if there is already a real X server running this may only work on Linux and the - chvt program may [437]need to be run to switch to the correct Linux - virtual terminal). x11vnc will try to run chvt automatically if it can + chvt program may [439]need to be run to switch to the correct Linux + virtual terminal.) x11vnc will try to run chvt automatically if it can determine which VT should be switched to. If you want to present the user with a xdm/gdm/kdm display manager @@ -5221,7 +5235,7 @@ service x11vnc manager (xdm/gdm/kdm) on the same machine, then use "Xvfb.xdmcp" instead of "Xvfb", etc. The user will have to supply his username and password one more time (but he gets to select his desktop - type so that can be useful). For this to work, you will need to + type so that can be useful.) For this to work, you will need to enable localhost XDMCP (udp port 177) for the display manager. This seems to be: @@ -5232,11 +5246,11 @@ service x11vnc Unless you are also providing XDMCP service to xterminals or other machines, make sure that the host access list only allows local connections (the name of this file is often Xaccess and it is usually - setup by default to do just that). Nowadays, host level firewalling + setup by default to do just that.) Nowadays, host level firewalling will also typically block UDP (port 177 for XDMCP) by default effectively limiting the UDP connections to localhost. - Tip: Note that [438]-xdmsvc is a short hand for the long "-ssl SAVE + Tip: Note that [440]-xdmsvc is a short hand for the long "-ssl SAVE -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp" part. E.g.: service x11vnc @@ -5252,7 +5266,7 @@ service x11vnc disable = no } - (or "-svc" instead of "-xdmsvc" for no XDMCP). + (or "-svc" instead of "-xdmsvc" for no XDMCP.) Local access: To access your virtual X display locally (i.e. while @@ -5290,7 +5304,7 @@ t:5 Summary: The "-display WAIT:cmd=FINDCREATEDISPLAY" scheme can be used to provide a "desktop service" (i.e. terminal service) on the machine: you always get some desktop there, either a real hardware X server or - a virtual one (depending on how you set things up). So it provides + a virtual one (depending on how you set things up.) So it provides simple "terminal services" based on Unix username and password. The created X server sessions (virtual or real hardware) will remain running after you disconnect the VNC viewer and will be found again on @@ -5303,15 +5317,15 @@ t:5 Q-62: Can I have x11vnc restart itself after it terminates? One could do this in a shell script, but now there is an option - [439]-loop that makes it easier. Of course when x11vnc restarts it + [441]-loop that makes it easier. Of course when x11vnc restarts it needs to have permissions to connect to the (potentially new) X display. This mode could be useful if the X server restarts often. Use e.g. "-loop5000" to sleep 5000 ms between restarts. Also "-loop2000,5" to sleep 2000 ms and only restart 5 times. - One can also use the [440]-loopbg to emulate inetd(8) to some degree, + One can also use the [442]-loopbg to emulate inetd(8) to some degree, where each connected process runs in the background. It could be - combined, say, with the [441]-svc option to provide simple terminal + combined, say, with the [443]-svc option to provide simple terminal services without using inetd(8). @@ -5319,13 +5333,13 @@ t:5 web browser? To have x11vnc serve up a Java VNC viewer applet to any web browsers - that connect to it, run x11vnc with this [442]option: + that connect to it, run x11vnc with this [444]option: -httpdir /path/to/the/java/classes/dir (this directory will contain the files index.vnc and, for example, VncViewer.jar) Note that libvncserver contains the TightVNC Java classes jar file for your convenience. (it is the file - classes/VncViewer.jar in the source tree). + classes/VncViewer.jar in the source tree.) You will see output something like this: 14/05/2004 11:13:56 Autoprobing selected port 5900 @@ -5338,7 +5352,7 @@ t:5 then you can connect to that URL with any Java enabled browser. Feel free to customize the default index.vnc file in the classes directory. - As of May/2005 the [443]-http option will try to guess where the Java + As of May/2005 the [445]-http option will try to guess where the Java classes jar file is by looking in expected locations and ones relative to the x11vnc binary. @@ -5347,7 +5361,7 @@ t:5 either the java or appletviewer commands to run the program. java -cp ./VncViewer.jar VncViewer HOST far-away.east PORT 5900 - Proxies: See the [444]discussion here if the web browser must use a + Proxies: See the [446]discussion here if the web browser must use a web proxy to connect to the internet. It is tricky to get Java applets to work in this case: a signed applet must be used so it can connect to the proxy and ask for the redirection to the VNC server. One way to @@ -5363,36 +5377,36 @@ t:5 As of Mar/2004 x11vnc supports reverse connections. On Unix one starts the VNC viewer in listen mode: "vncviewer -listen" (see your documentation for Windows, etc), and then starts up x11vnc with the - [445]-connect option. To connect immediately at x11vnc startup time + [447]-connect option. To connect immediately at x11vnc startup time use the "-connect host:port" option (use commas for a list of hosts to - connect to). The ":port" is optional (default is VNC listening port is - 5500). + connect to.) The ":port" is optional (default is VNC listening port is + 5500.) If a file is specified instead: -connect /path/to/some/file then that file is checked periodically (about once a second) for new hosts to connect to. - The [446]-remote control option (aka -R) can also be used to do this + The [448]-remote control option (aka -R) can also be used to do this during an active x11vnc session, e.g.: x11vnc -display :0 -R connect:hostname.domain - Use the "[447]-connect_or_exit" option to have x11vnc exit if the + Use the "[449]-connect_or_exit" option to have x11vnc exit if the reverse connection fails. Also, note the "-rfbport 0" option disables TCP listening for connections (potentially useful for reverse - connection mode, assuming you do not want any "forward" connections). + connection mode, assuming you do not want any "forward" connections.) Note that as of Mar/2006 x11vnc requires password authentication for reverse connections as well as for forward ones (assuming password - auth has been enabled, e.g. via -rfbauth, -passwdfile, etc). Many VNC + auth has been enabled, e.g. via -rfbauth, -passwdfile, etc.) Many VNC servers do not require any password for reverse connections. To regain the old behavior supply this option "-env X11VNC_REVERSE_CONNECTION_NO_AUTH=1" to x11vnc. Vncconnect command: To use the vncconnect(1) program (from the core - VNC package at www.realvnc.com) specify the [448]-vncconnect option to - x11vnc (Note: as of Dec/2004 -vncconnect is now the default). + VNC package at www.realvnc.com) specify the [450]-vncconnect option to + x11vnc (Note: as of Dec/2004 -vncconnect is now the default.) vncconnect(1) must be pointed to the same X11 DISPLAY as x11vnc (since - it uses X properties to communicate with x11vnc). If you do not have + it uses X properties to communicate with x11vnc.) If you do not have or do not want to get the vncconnect(1) program, the following script (named "Vncconnect") may work if your xprop(1) supports the -set option: @@ -5408,12 +5422,12 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" proxy or SSH? Yes, as of Oct/2007 x11vnc supports reverse connections through - proxies: use the "[449]-proxy host:port" option. The default is to + proxies: use the "[451]-proxy host:port" option. The default is to assume the proxy is a Web proxy. Note that most Web proxies only allow proxy destination connections to ports 443 (HTTPS) and 563 (SNEWS) and so this might not be too useful unless the proxy has been modified (AllowCONNECT apache setting) or the VNC viewer listens on one of - those ports (or the router does a port redir). A web proxy may also be + those ports (or the router does a port redir.) A web proxy may also be specified via "-proxy http://host:port" For SOCKS4 and SOCKS4a proxies use this format "-proxy @@ -5428,11 +5442,11 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" connections. An experimental mode is "-proxy http://host:port/..." where the URL - (e.g. a CGI script) is retrieved via the GET method. See [450]-proxy + (e.g. a CGI script) is retrieved via the GET method. See [452]-proxy for more info. Another experimental mode is "-proxy ssh://user@host" in which case a - SSH tunnel is used for the proxying. See [451]-proxy for more info. + SSH tunnel is used for the proxying. See [453]-proxy for more info. Up to 3 proxies may be chained together by listing them by commas e.g.: "-proxy http://host1:port1,socks5://host2:port2" in case one @@ -5441,10 +5455,10 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" Q-66: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real - display, but for a virtual one I keep around). + display, but for a virtual one I keep around.) You can, but you would not be doing this for performance reasons (for - virtual X sessions via VNC, Xvnc should give the fastest response). + virtual X sessions via VNC, Xvnc should give the fastest response.) You may want to do this because Xvnc is buggy and crashes, does not support an X server extension you desire, or you want to take advantage of one of x11vnc's unending number of options and features. @@ -5452,13 +5466,13 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" One way to achieve this is to have a Xvfb(1) virtual framebuffer X server running in the background and have x11vnc attached to it. Another method, faster and more accurate, is to use the "dummy" Device - Driver in XFree86/Xorg (see below). + Driver in XFree86/Xorg (see below.) In either case, one can view this desktop both remotely and also - [452]locally using vncviewer. Make sure vncviewer's "-encodings raw" + [454]locally using vncviewer. Make sure vncviewer's "-encodings raw" is in effect for local viewing (compression seems to slow things down - locally). For local viewing you set up a "bare" window manager that - just starts up vncviewer and nothing else ([453]See how below). + locally.) For local viewing you set up a "bare" window manager that + just starts up vncviewer and nothing else ([455]See how below.) Here is one way to start up Xvfb: xinit -- /usr/X11R6/bin/Xvfb :1 -cc 4 -screen 0 1024x768x16 @@ -5467,30 +5481,30 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" x11vnc -display :1 ... Then have the remote vncviewer attach to x11vnc's VNC display (e.g. :0 - which is port 5900). + which is port 5900.) The "-cc 4" Xvfb option is to force it to use a TrueColor visual instead of DirectColor (this works around a recent bug in the Xorg - Xvfb server). + Xvfb server.) One good thing about Xvfb is that the virtual framebuffer exists in main memory (rather than in the video hardware), and so x11vnc can "screen scrape" it very efficiently (more than, say, 100X faster than - normal video hardware). + normal video hardware.) - Update Nov/2006: See the [454]FINDCREATEDISPLAY discussion of the - "[455]-display WAIT:cmd=FINDDISPLAY" option where virtual (Xvfb or + Update Nov/2006: See the [456]FINDCREATEDISPLAY discussion of the + "[457]-display WAIT:cmd=FINDDISPLAY" option where virtual (Xvfb or Xdummy, or even real ones by changing an option) X servers are started automatically for new users connecting. This provides a "desktop service" for the machine. You either get your real X session or your virtual (Xvfb/Xdummy) one whenever you connect to the machine - (inetd(8) is a nice way to provide this service). The [456]-find, - [457]-create, [458]-svc, and [459]-xdmsvc aliases can also come in + (inetd(8) is a nice way to provide this service.) The [458]-find, + [459]-create, [460]-svc, and [461]-xdmsvc aliases can also come in handy here. There are some annoyances WRT Xvfb however. The default keyboard mapping seems to be very poor. One should run x11vnc with - [460]-add_keysyms option to have keysyms added automatically. Also, to + [462]-add_keysyms option to have keysyms added automatically. Also, to add the Shift_R and Control_R modifiers something like this is needed: #!/bin/sh xmodmap -e "keycode any = Shift_R" @@ -5502,8 +5516,8 @@ xmodmap -e "keycode any = Alt_R" xmodmap -e "keycode any = Meta_L" xmodmap -e "add Mod1 = Alt_L Alt_R Meta_L" - (note: these are applied automatically in the [461]FINDCREATEDISPLAY - mode of x11vnc). Perhaps the Xvfb options -xkbdb or -xkbmap could be + (note: these are applied automatically in the [463]FINDCREATEDISPLAY + mode of x11vnc.) Perhaps the Xvfb options -xkbdb or -xkbmap could be used to get a better default keyboard mapping... Dummy Driver: A user points out a faster and more accurate method is @@ -5517,11 +5531,11 @@ xmodmap -e "add Mod1 = Alt_L Alt_R Meta_L" The main drawback to this method (besides requiring extra configuration and possibly root permission) is that it also does the - Linux Virtual Console/Terminal (VC/VT) [462]switching even though it - does not need to (since it doesn't use a real framebuffer). There are + Linux Virtual Console/Terminal (VC/VT) [464]switching even though it + does not need to (since it doesn't use a real framebuffer.) There are some "dual headed" (actually multi-headed/multi-user) patches to the X server that turn off the VT usage in the X server. Update: As of - Jul/2005 we have an LD_PRELOAD script [463]Xdummy that allows you to + Jul/2005 we have an LD_PRELOAD script [465]Xdummy that allows you to use a stock (i.e. unpatched) Xorg or XFree86 server with the "dummy" driver and not have any VT switching problems! Currently Xdummy needs to be run as root, but with some luck that may be relaxed in the @@ -5538,7 +5552,7 @@ startx -- /path/to/Xdummy :1 In general, one can use these sorts of schemes to use x11vnc to export other virtual X sessions, say Xnest or even Xvnc itself (useful for - testing x11vnc). + testing x11vnc.) Local access: You use a VNC viewer to access the display remotely; to access your virtual X display locally (i.e. while sitting at the same @@ -5549,7 +5563,7 @@ x11vnc -display :5 -rfbport 5905 -bg vncviewer -geometry +0+0 -encodings raw -passwd $HOME/.vnc/passwd localhost:5 The display numbers (VNC and X) will likely be different (you could - also try [464]-find), and you may not need the -passwd. Recent RealVNC + also try [466]-find), and you may not need the -passwd. Recent RealVNC viewers might be this: #!/bin/sh x11vnc -display :5 -rfbport 5905 -bg @@ -5565,7 +5579,7 @@ t:5 For the general replacement of Xvnc by Xvfb+x11vnc, one user describes - a similar setup he created [465]here. + a similar setup he created [467]here. Q-67: How can I use x11vnc on "headless" machines? Why might I want @@ -5579,22 +5593,22 @@ t:5 An X server can be started on the headless machine (sometimes this requires configuring the X server to not fail if it cannot detect a - keyboard or mouse, see the next paragraph). Then you can export that X - display via x11vnc (e.g. see [466]this FAQ) and access it from + keyboard or mouse, see the next paragraph.) Then you can export that X + display via x11vnc (e.g. see [468]this FAQ) and access it from anywhere on the network via a VNC viewer. Some tips on getting X servers to start on machines without keyboard or mouse: For XFree86/Xorg the Option "AllowMouseOpenFail" "true" "ServerFlags" config file option is useful. On Solaris Xsun the +nkeyboard and +nmouse options are useful (put them in the server - command line args in /etc/dt/config/Xservers). There are patches + command line args in /etc/dt/config/Xservers.) There are patches available for Xsun at lease back to Solaris 8 that support this. See Xserver(1) for more info. Although this usage may sound strange it can be quite useful for a GUI (or other) testing or QA setups: the engineers do not need to walk to lab machines running different hardware, OS's, versions, etc (or have - many different machines in their office). They just connect to the + many different machines in their office.) They just connect to the various test machines over the network via VNC. The advantage to testing this way instead of using Xvnc or even Xvfb is that the test is done using the real X server, fonts, video hardware, etc. that will @@ -5604,10 +5618,10 @@ t:5 cards as it can hold to provide multiple simultaneous access or testing on different kinds of video hardware. - See also the [467]FINDCREATEDISPLAY discussion of the "[468]-display + See also the [469]FINDCREATEDISPLAY discussion of the "[470]-display WAIT:cmd=FINDDISPLAY" option where virtual Xvfb or Xdummy, or real X servers are started automatically for new users connecting. The - [469]-find, [470]-create, [471]-svc, and [472]-xdmsvc aliases can also + [471]-find, [472]-create, [473]-svc, and [474]-xdmsvc aliases can also come in handy here. [Resource Usage and Performance] @@ -5621,7 +5635,7 @@ t:5 Solaris machine using the default of only 100 slots. You (or the owner or root) can clean them out with ipcrm(1). x11vnc tries hard to release its slots, but it, and other programs, are not always able to - (e.g. if kill -9'd). + (e.g. if kill -9'd.) Sometimes x11vnc will notice the problem with shm segments and tries to get by with fewer, only giving a warning like this: @@ -5630,10 +5644,10 @@ t:5 19/03/2004 10:10:58 error creating tile-row shm for len=4 19/03/2004 10:10:58 reverting to single_copytile mode - Here is a shell script [473]shm_clear to list and prompt for removal - of your unattached shm segments (attached ones are skipped). I use it + Here is a shell script [475]shm_clear to list and prompt for removal + of your unattached shm segments (attached ones are skipped.) I use it while debugging x11vnc (I use "shm_clear -y" to assume "yes" for each - prompt). If x11vnc is regularly not cleaning up its shm segments, + prompt.) If x11vnc is regularly not cleaning up its shm segments, please contact me so we can work to improve the situation. Longer term, on Solaris you can put something like this in @@ -5641,7 +5655,7 @@ t:5 set shmsys:shminfo_shmmax = 0x2000000 set shmsys:shminfo_shmmni = 0x1000 - to sweep the problem under the rug (4096 slots). On Linux, examine + to sweep the problem under the rug (4096 slots.) On Linux, examine /proc/sys/kernel/shmmni; you can modify the value by writing to that file. @@ -5664,44 +5678,44 @@ ied) in /etc/system. See the next paragraph for more workarounds. To minimize the number of shm segments used by x11vnc try using the - [474]-onetile option (corresponds to only 3 shm segments used, and - adding -fs 1.0 knocks it down to 2). If you are having much trouble + [476]-onetile option (corresponds to only 3 shm segments used, and + adding -fs 1.0 knocks it down to 2.) If you are having much trouble with shm segments, consider disabling shm completely via the - [475]-noshm option. Performance will be somewhat degraded but when + [477]-noshm option. Performance will be somewhat degraded but when done over local machine sockets it should be acceptable (see an - [476]earlier question discussing -noshm). + [478]earlier question discussing -noshm.) Q-69: How can I make x11vnc use less system resources? - The [477]-nap (now on by default; use -nonap to disable) and - "[478]-wait n" (where n is the sleep between polls in milliseconds, + The [479]-nap (now on by default; use -nonap to disable) and + "[480]-wait n" (where n is the sleep between polls in milliseconds, the default is 30 or so) option are good places to start. In addition, - something like "[479]-sb 15" will cause x11vnc to go into a deep-sleep - mode after 15 seconds of no activity (instead of the default 60). + something like "[481]-sb 15" will cause x11vnc to go into a deep-sleep + mode after 15 seconds of no activity (instead of the default 60.) Reducing the X server bits per pixel depth (e.g. to 16bpp or even 8bpp) will further decrease memory I/O and network I/O. The ShadowFB X server setting will make x11vnc's screen polling less severe. Using - the [480]-onetile option will use less memory and use fewer shared - memory slots (add [481]-fs 1.0 for one less slot). + the [482]-onetile option will use less memory and use fewer shared + memory slots (add [483]-fs 1.0 for one less slot.) Q-70: How can I make x11vnc use MORE system resources? - You can try [482]-threads (note this mode can be unstable and/or + You can try [484]-threads (note this mode can be unstable and/or crash; and as of May/2008 is strongly discouraged, see the option description) or dial down the wait time (e.g. -wait 1) and possibly - dial down [483]-defer as well. Note that if you try to increase the + dial down [485]-defer as well. Note that if you try to increase the "frame rate" too much you can bog down the server end with the extra work it needs to do compressing the framebuffer data, etc. That said, it is possible to "stream" video via x11vnc if the video window is small enough. E.g. a 256x192 xawtv TV capture window (using - the x11vnc [484]-id option) can be streamed over a LAN or wireless at + the x11vnc [486]-id option) can be streamed over a LAN or wireless at a reasonable frame rate. If the graphics card's framebuffer read rate - is [485]faster than normal then the video window size and frame rate - can be much higher. The use of [486]TurboVNC and/or TurboJPEG can make + is [487]faster than normal then the video window size and frame rate + can be much higher. The use of [488]TurboVNC and/or TurboJPEG can make the frame rate somewhat higher still (but most of this hinges on the graphics card's read rate.) @@ -5717,19 +5731,19 @@ ied) (reduces amount of data needed to be polled, compressed, and sent) * Use a smaller desktop size (e.g. 1024x768 instead of 1280x1024) * Make sure the desktop background is a solid color (the background - is resent every time it is re-exposed). Consider using the - [487]-solid [color] option to try to do this automatically. + is resent every time it is re-exposed.) Consider using the + [489]-solid [color] option to try to do this automatically. * Configure your window manager or desktop "theme" to not use fancy images, shading, and gradients for the window decorations, etc. Disable window animations, etc. Maybe your desktop has a "low bandwidth" theme you can easily switch into and out of. Also in Firefox disable eye-candy, e.g.: Edit -> Preferences -> Advanced - -> Use Smooth Scrolling (deselect it). + -> Use Smooth Scrolling (deselect it.) * Avoid small scrolls of large windows using the Arrow keys or scrollbar. Try to use PageUp/PageDown instead. (not so much of a - problem in x11vnc 0.7.2 if [488]-scrollcopyrect is active and - detecting scrolls for the application). - * If the [489]-wireframe option is not available (earlier than + problem in x11vnc 0.7.2 if [490]-scrollcopyrect is active and + detecting scrolls for the application.) + * If the [491]-wireframe option is not available (earlier than x11vnc 0.7.2 or you have disabled it via -nowireframe) then Disable Opaque Moves and Resizes in the window manager/desktop. * However if -wireframe is active (on by default in x11vnc 0.7.2) @@ -5737,10 +5751,10 @@ ied) manager! This seems counter-intuitive, but because x11vnc detects the move/resize events early there is a huge speedup over a slow link when Opaque Moves and Resizes are enabled. (e.g. CopyRect - encoding will be used). + encoding will be used.) * Turn off Anti-aliased fonts on your system, web browser, terminal windows, etc. AA fonts do not compress as well as traditional - fonts (sometimes 10X less). + fonts (sometimes 10X less.) * On Firefox/Mozilla (and anything else) turn off "Smooth Scroll" animations. In Firefox put in the URL "about:config" and set general.smoothScroll to false. @@ -5752,16 +5766,16 @@ ied) noticed. VNC viewer parameters: - * Use a [490]TightVNC enabled viewer! (Actually, RealVNC 4.x viewer + * Use a [492]TightVNC enabled viewer! (Actually, RealVNC 4.x viewer with ZRLE encoding is not too bad either; some claim it is - faster). + faster.) * Make sure the tight (or zrle) encoding is being used (look at vncviewer and x11vnc outputs) * Request 8 bits per pixel using -bgr233 (up to 4X speedup over depth 24 TrueColor (32bpp), but colors will be off) * RealVNC 4.x viewer has some extremely low color modes (only 64 and - even 8 colors). [491]SSVNC does too. The colors are poor, but it - is usually noticeably faster than bgr233 (256 colors). + even 8 colors.) [493]SSVNC does too. The colors are poor, but it + is usually noticeably faster than bgr233 (256 colors.) * Try increasing the TightVNC -compresslevel (compresses more on server side before sending, but uses more CPU) * Try reducing the TightVNC -quality (increases JPEG compression, @@ -5774,39 +5788,39 @@ ied) file. x11vnc parameters: - * Make sure the [492]-wireframe option is active (it should be on by + * Make sure the [494]-wireframe option is active (it should be on by default) and you have Opaque Moves/Resizes Enabled in the window manager. - * Make sure the [493]-scrollcopyrect option is active (it should be - on by default). This detects scrolls in many (but not all) + * Make sure the [495]-scrollcopyrect option is active (it should be + on by default.) This detects scrolls in many (but not all) applications an applies the CopyRect encoding for a big speedup. * Enforce a solid background when VNC viewers are connected via - [494]-solid - * Specify [495]-speeds modem to force the wireframe and + [496]-solid + * Specify [497]-speeds modem to force the wireframe and scrollcopyrect heuristic parameters (and any future ones) to those of a dialup modem connection (or supply the rd,bw,lat numerical - values that characterize your link). + values that characterize your link.) * If wireframe and scrollcopyrect aren't working, try using the more - drastic [496]-nodragging (no screen updates when dragging mouse, + drastic [498]-nodragging (no screen updates when dragging mouse, but sometimes you miss visual feedback) - * Set [497]-fs 1.0 (disables fullscreen updates) - * Try increasing [498]-wait or [499]-defer (reduces the maximum + * Set [499]-fs 1.0 (disables fullscreen updates) + * Try increasing [500]-wait or [501]-defer (reduces the maximum "frame rate", but won't help much for large screen changes) - * Try the [500]-progressive pixelheight mode with the block + * Try the [502]-progressive pixelheight mode with the block pixelheight 100 or so (delays sending vertical blocks since they may change while viewer is receiving earlier ones) - * If you just want to watch one (simple) window use [501]-id (cuts + * If you just want to watch one (simple) window use [503]-id (cuts down extraneous polling and updates, but can be buggy or insufficient) - * Set [502]-nosel (disables all clipboard selection exchange) - * Use [503]-nocursor and [504]-nocursorpos (repainting the remote + * Set [504]-nosel (disables all clipboard selection exchange) + * Use [505]-nocursor and [506]-nocursorpos (repainting the remote cursor position and shape takes resources and round trips) * On very slow links (e.g. <= 28.8) you may need to increase the - [505]-readtimeout n setting if it sometimes takes more than 20sec + [507]-readtimeout n setting if it sometimes takes more than 20sec to paint the full screen, etc. - * Do not use [506]-fixscreen to automatically refresh the whole + * Do not use [508]-fixscreen to automatically refresh the whole screen, tap three Alt_L's then the screen has painting errors - (rare problem). + (rare problem.) Example for the KDE desktop: @@ -5861,23 +5875,23 @@ ied) Yes, as of Mar/2005 x11vnc will use the X DAMAGE extension by default if it is available on the display. This requires libXdamage to be available in the build environment as well (recent Linux distros and - Solaris 10 have it). + Solaris 10 have it.) The DAMAGE extension enables the X server to report changed regions of the screen back to x11vnc. So x11vnc doesn't have to guess where the changes are (by polling every pixel of the entire screen every 2-4 - seconds). The use of X DAMAGE dramatically reduces the load when the - screen is not changing very much (i.e. most of the time). It also + seconds.) The use of X DAMAGE dramatically reduces the load when the + screen is not changing very much (i.e. most of the time.) It also noticeably improves updates, especially for very small changed areas - (e.g. clock ticking, cursor flashing, typing, etc). + (e.g. clock ticking, cursor flashing, typing, etc.) Note that the DAMAGE extension does not speed up the actual reading of pixels from the video card framebuffer memory, by, say, mirroring them - in main memory. So reading the fb is still painfully [507]slow (e.g. + in main memory. So reading the fb is still painfully [509]slow (e.g. 5MB/sec), and so even using X DAMAGE when large changes occur on the screen the bulk of the time is still spent retrieving them. Not ideal, but use of the ShadowFB XFree86/Xorg option speeds up the reading - considerably (at the cost of h/w acceleration). + considerably (at the cost of h/w acceleration.) Unfortunately the current Xorg DAMAGE extension implementation can at times be overly conservative and report very large rectangles as @@ -5885,81 +5899,81 @@ ied) been modified. This behavior is often the fault of the window manager (e.g. it redraws the entire, unseen, frame window underneath the application window when it gains focus), or the application itself - (e.g. does large, unnecessary repaints). + (e.g. does large, unnecessary repaints.) To work around this deficiency, x11vnc currently only trusts small DAMAGE rectangles to contain real damage. The larger rectangles are only used as hints to focus the traditional scanline polling (i.e. if a scanline doesn't intersect a recent DAMAGE rectangle, the scan is - skipped). You can use the "[508]-xd_area A" option to adjust the size + skipped.) You can use the "[510]-xd_area A" option to adjust the size of the trusted DAMAGE rectangles. The default is 20000 pixels (e.g. a - 140x140 square, etc). Use "-xd_area 0" to disable the cutoff and trust + 140x140 square, etc.) Use "-xd_area 0" to disable the cutoff and trust all DAMAGE rectangles. - The option "[509]-xd_mem f" may also be of use in tuning the - algorithm. To disable using DAMAGE entirely use "[510]-noxdamage". + The option "[511]-xd_mem f" may also be of use in tuning the + algorithm. To disable using DAMAGE entirely use "[512]-noxdamage". Q-73: My OpenGL application shows no screen updates unless I supply the -noxdamage option to x11vnc. One user reports in his environment (MythTV using the NVIDIA OpenGL drivers) he gets no updates after the initial screen is drawn unless - he uses the "[511]-noxdamage" option. + he uses the "[513]-noxdamage" option. This seems to be a bug in the X DAMAGE implementation of that driver. You may have to use -noxdamage as well. A way to autodetect this will be tried, probably the best it will do is automatically stop using X DAMAGE. - A developer for [512]MiniMyth reports that the 'alphapulse' tag of the + A developer for [514]MiniMyth reports that the 'alphapulse' tag of the theme G.A.N.T. can also cause problems, and should be avoided when using VNC. - Update: see [513]this FAQ too. + Update: see [515]this FAQ too. Q-74: When I drag windows around with the mouse or scroll up and down things really bog down (unless I do the drag in a single, quick - motion). Is there anything to do to improve things? + motion.) Is there anything to do to improve things? - This problem is primarily due to [514]slow hardware read rates from + This problem is primarily due to [516]slow hardware read rates from video cards: as you scroll or move a large window around the screen changes are much too rapid for x11vnc to keep up them (it can usually only read the video card at about 5-10 MB/sec, so it can take a good fraction of a second to read the changes induce from moving a large window, if this to be done a number of times in succession the window - or scroll appears to "lurch" forward). See the description in the - [515]-pointer_mode option for more info. The next bottleneck is + or scroll appears to "lurch" forward.) See the description in the + [517]-pointer_mode option for more info. The next bottleneck is compressing all of these changes and sending them out to connected viewers, however the VNC protocol is pretty much self-adapting with respect to that (updates are only packaged and sent when viewers ask - for them). + for them.) As of Jan/2004 there are some improvements to libvncserver. The default should now be much better than before and dragging small windows around should no longer be a huge pain. If for some reason these changes make matters worse, you can go back to the old way via - the "[516]-pointer_mode 1" option. + the "[518]-pointer_mode 1" option. - Also added was the [517]-nodragging option that disables all screen + Also added was the [519]-nodragging option that disables all screen updates while dragging with the mouse (i.e. mouse motion with a button - held down). This gives the snappiest response, but might be undesired + held down.) This gives the snappiest response, but might be undesired in some circumstances when you want to see the visual feedback while - dragging (e.g. menu traversal or text selection). + dragging (e.g. menu traversal or text selection.) - As of Dec/2004 the [518]-pointer_mode n option was introduced. n=1 is + As of Dec/2004 the [520]-pointer_mode n option was introduced. n=1 is the original mode, n=2 an improvement, etc.. See the -pointer_mode n help for more info. - Also, in some circumstances the [519]-threads option can improve + Also, in some circumstances the [521]-threads option can improve response considerably. Be forewarned that if more than one vncviewer is connected at the same time then libvncserver may not be thread safe (try to get the viewers to use different VNC encodings, e.g. tight and - ZRLE). This option can be unstable and so as of Feb/2008 it is + ZRLE.) This option can be unstable and so as of Feb/2008 it is disabled by default. Set env. X11VNC_THREADED=1 to re-enable. - As of Apr/2005 two new options (see the [520]wireframe FAQ and - [521]scrollcopyrect FAQ below) provide schemes to sweep this problem + As of Apr/2005 two new options (see the [522]wireframe FAQ and + [523]scrollcopyrect FAQ below) provide schemes to sweep this problem under the rug for window moves or resizes and for some (but not all) window scrolls. These are the preferred way of avoiding the "lurching" problem, contact me if they are not working. Note on SuSE and some @@ -5983,8 +5997,8 @@ EndSection the window move/resize stops, it returns to normal processing: you should only see the window appear in the new position. This spares you from interacting with a "lurching" window between all of the - intermediate steps. BTW the lurching is due to [522]slow video card - read rates (see [523]here too). A displacement, even a small one, of a + intermediate steps. BTW the lurching is due to [524]slow video card + read rates (see [525]here too.) A displacement, even a small one, of a large window requires a non-negligible amount of time, a good fraction of a second, to read in from the hardware framebuffer. @@ -5992,8 +6006,8 @@ EndSection for -wireframe to do any good. The mode is currently on by default because most people are afflicted - with the problem. It can be disabled with the [524]-nowireframe option - (aka -nowf). Why might one want to turn off the wireframing? Since + with the problem. It can be disabled with the [526]-nowireframe option + (aka -nowf.) Why might one want to turn off the wireframing? Since x11vnc is merely guessing when windows are being moved/resized, it may guess poorly for your window-manager or desktop, or even for the way you move the pointer. If your window-manager or desktop already does @@ -6014,12 +6028,12 @@ EndSection worse. First it assumes that the move/resize will occur with a mouse button - pressed, held down and dragged (of course this is only mostly true). + pressed, held down and dragged (of course this is only mostly true.) Next it will only consider a window for wireframing if the mouse pointer is initially "close enough" to the edges of the window frame, e.g. you have grabbed the title bar or a resizer edge (this requirement can be disabled and it also not applied if a modifier key, - e.g. Alt, is pressed). If these are true, it will wait an amount of + e.g. Alt, is pressed.) If these are true, it will wait an amount of time to see if the window starts moving or resizing. If it does, it starts drawing the wireframe "outline" of where the window would be. When the mouse button is released, or a timeout occurs, it goes back @@ -6038,13 +6052,13 @@ EndSection * Maximum time to show a wireframe animation. * Minimum time between sending wireframe outlines. - See the [525]"-wireframe tweaks" option for more details. On a slow + See the [527]"-wireframe tweaks" option for more details. On a slow link, e.g. dialup modem, the parameters may be automatically adjusted for better response. CopyRect encoding: In addition to the above there is the - [526]"-wirecopyrect mode" option. It is also on by default. This + [528]"-wirecopyrect mode" option. It is also on by default. This instructs x11vnc to not only show the wireframe animation, but to also instruct all connected VNC viewers to locally translate the window image data from the original position to the new position on the @@ -6059,7 +6073,7 @@ EndSection only apply the CopyRect if the window is appears to be on the top of the window stack and is not obstructed by other windows; and "always" to always try to apply the CopyRect (obstructed regions are usually - clipped off and not translated). + clipped off and not translated.) Note that some desktops (KDE and xfce) appear to mess with the window stacking in ways that are not yet clear. In these cases x11vnc works @@ -6070,7 +6084,7 @@ EndSection Also, the CopyRect encoding may give incorrect results under -scale (depending on the scale factor the CopyRect operation is often only approximate: the correctly scaled framebuffer will be slightly - different from the translated one). x11vnc will try to push a + different from the translated one.) x11vnc will try to push a "cleanup" update after the CopyRect if -scale is in effect. Use -nowirecopyrect if this or other painting errors are unacceptable. @@ -6081,7 +6095,7 @@ EndSection Another nice idea for a hack! As of May/2005 x11vnc will by default apply heuristics to try to detect if the window that has the input focus is scrolling its contents (but only when x11vnc is feeding user - input, keystroke or pointer, to the X server). So, when detected, + input, keystroke or pointer, to the X server.) So, when detected, scrolls induced by dragging on a scrollbar or by typing (e.g. Up or Down arrows, hitting Return in a terminal window, etc), will show up much more quickly than via the standard x11vnc screen polling update @@ -6092,12 +6106,12 @@ EndSection requiring the image data to be transmitted over the network. For fast links the speedup is primarily due to x11vnc not having to read the scrolled framebuffer data from the X server (recall that reading from - the hardware framebuffer is [527]slow). + the hardware framebuffer is [529]slow.) To do this x11vnc uses the RECORD X extension to snoop the X11 protocol between the X client with the focus window and the X server. This extension is usually present on most X servers (but SuSE disables - it for some reason). On XFree86/Xorg it can be enabled via Load + it for some reason.) On XFree86/Xorg it can be enabled via Load "record" in the Module section of the config file if it isn't already: Section "Module" ... @@ -6111,7 +6125,7 @@ EndSection These catch a lot of scrolls, e.g. in mozilla/firefox and in terminal windows like gnome-terminal and xterm. Unfortunately the toolkits KDE applications use make scroll detection less effective (only rarely are - they detected: i.e. Konqueror and Konsole don't work). An interesting + they detected: i.e. Konqueror and Konsole don't work.) An interesting project, that may be the direction x11vnc takes, is to record all of the X11 protocol from all clients and try to "tee" the stream into a modified Xvfb watching for CopyRect and other VNC speedups. A @@ -6119,11 +6133,11 @@ EndSection the X server display: if one falls too far behind it could become a mess... - The initial implementation of [528]-scrollcopyrect option is useful in + The initial implementation of [530]-scrollcopyrect option is useful in that it detects many scrolls and thus gives a much nicer working - environment (especially when combined with the [529]-wireframe - [530]-wirecopyrect [531]options, which are also on by default; and if - you are willing to enable the ShadowFB things are very fast). The fact + environment (especially when combined with the [531]-wireframe + [532]-wirecopyrect [533]options, which are also on by default; and if + you are willing to enable the ShadowFB things are very fast.) The fact that there aren't long delays or lurches during scrolling is the primary improvement. @@ -6144,7 +6158,7 @@ EndSection did not have time to detect a screen change just before the scroll (most common is the terminal undraws the block cursor before scrolling the text up: in the viewer you temporarily see multiple - block cursors). Another issue is with things like more(1): scroll + block cursors.) Another issue is with things like more(1): scroll detection for 5-6 lines happens nicely, but then it can't keep up and so there is a long pause for the standard polling method to deliver the remaining updates. @@ -6155,10 +6169,10 @@ EndSection One can tap the Alt_L key (Left "Alt" key) 3 times in a row to signal x11vnc to refresh the screen to all viewers. Your VNC-viewer may have its own screen refresh hot-key or button. See - also: [532]-fixscreen + also: [534]-fixscreen * Some applications, notably OpenOffice, do XCopyArea scrolls in weird ways that assume ancestor window clipping is taking place. - See the [533]-scr_skip option for ways to tweak this on a + See the [535]-scr_skip option for ways to tweak this on a per-application basis. * Selecting text while dragging the mouse may be slower, especially if the Button-down event happens near the window's edge. This is @@ -6166,7 +6180,7 @@ EndSection RECORD and has to wait for a timeout to occur before it does the update. * For reasons not yet understood the RECORD extension can stop - responding (and hence scrolls are missed). As a workaround x11vnc + responding (and hence scrolls are missed.) As a workaround x11vnc attempts to reset the RECORD connection every 60 seconds or so. Another workaround is to type 4 Super_L (Left Super/Windows-Flag key) in a row to reset RECORD. Work is in progress to try to fix @@ -6175,7 +6189,7 @@ EndSection because it fails to detect scrolls in it. Sometimes clicking inside the application window or selecting some text in it to force the focus helps. - * When using the [534]-scale option there will be a quick CopyRect + * When using the [536]-scale option there will be a quick CopyRect scroll, but it needs to be followed by a slower "cleanup" update. This is because for a fixed finite screen resolution (e.g. 75 dpi) scaling and copyrect-ing are not exactly independent. Scaling @@ -6188,7 +6202,7 @@ EndSection If you find the -scrollcopyrect behavior too approximate or distracting you can go back to the standard polling-only update method - with the [535]-noscrollcopyrect (or -noscr for short). If you find + with the [537]-noscrollcopyrect (or -noscr for short.) If you find some extremely bad and repeatable behavior for -scrollcopyrect please report a bug. @@ -6213,9 +6227,9 @@ EndSection that pixel data is needed again it does not have to be retransmitted over the network. - As of Dec/2006 in the [536]0.9 development tarball there is an + As of Dec/2006 in the [538]0.9 development tarball there is an experimental client-side caching implementation enabled by the - "[537]-ncache n" option. In fact, during the test period it was on by + "[539]-ncache n" option. In fact, during the test period it was on by default with n set to 10. To disable it use "-noncache". It is a simple scheme where a (very large) lower portion of the @@ -6225,7 +6239,7 @@ EndSection out of the actual display area. It gives an excellent speedup for iconifying/deiconifying and moving windows and re-posting of menus (often it doesn't feel like VNC at all: there is no delay waiting for - the pixel data to fill in). + the pixel data to fill in.) This scheme is nice because it does all of this within the existing VNC protocol, and so it works with all VNC viewers. @@ -6242,17 +6256,17 @@ EndSection there is a bug: you can scroll down in your viewer and see a strange "history" of windows on your desktop. This is working as intended. One will need to try to adjust the size of his VNC Viewer window so the - cache area cannot be seen. [538]SSVNC (see below) can do this + cache area cannot be seen. [540]SSVNC (see below) can do this automatically. At some point LibVNCServer may implement a "rfbFBCrop" pseudoencoding that viewers can use to learn which portion of the framebuffer to actually show to the users (with the hidden part used for caching, or perhaps something else, maybe double buffering or other offscreen - rendering...). + rendering...) The Enhanced TightVNC Viewer (SSVNC) Unix viewer has a nice - [539]-ycrop option to help hide the pixel cache area from view. It + [541]-ycrop option to help hide the pixel cache area from view. It will turn on automatically if the framebuffer appears to be very tall (height more than twice the width), or you can supply the actual value for the height. If the screen is resized by scaling, etc, the ycrop @@ -6283,7 +6297,7 @@ EndSection an additional factor of 2 in memory use. However, even in the smallest usage mode with n equal 2 and - [540]-ncache_no_rootpixmap set (this requires only 2X additional + [542]-ncache_no_rootpixmap set (this requires only 2X additional framebuffer memory) there is still a noticable improvement for many activities, although it is not as dramatic as with, say n equal 12 and rootpixmap (desktop background) caching enabled. @@ -6294,7 +6308,7 @@ EndSection be tuned to use less, or the VNC community will extend the protocol to allow caching and replaying of compressed blobs of data. - Another option to experiment with is "[541]-ncache_cr". By specifying + Another option to experiment with is "[543]-ncache_cr". By specifying it, x11vnc will try to do smooth opaque window moves instead of its wireframe. This can give a very nice effect (note: on Unix the realvnc viewer seems to be smoother than the tightvnc viewer), but can lead to @@ -6306,7 +6320,7 @@ EndSection window. Normally, the wireframe must be sent and this involves compressing and sending the lines that give rise to the moving box effect (note that real framebuffer data is sent to "erase" the white - lines of the box). + lines of the box.) If you experience painting errors you can can tap the Alt_L key (Left "Alt" key) 3 times in a row to signal x11vnc to refresh the screen to @@ -6351,24 +6365,24 @@ EndSection As of Feb/2009 (development tarball) there is an experimental kludge to let you build x11vnc using TurboVNC's modified TightVNC encoding. - [542]TurboVNC is part of the [543]VirtualGL project. It does two main + [544]TurboVNC is part of the [545]VirtualGL project. It does two main things to speed up the TightVNC encoding: * It eliminates bottlenecks, overheads, wait-times in the TightVNC encoding implementation and instead only worries about sending very well (and quickly) compressed JPEG data. * A fast proprietary JPEG implemention is used (Intel IPP on x86) - instead of the usual libjpeg implementation. [544]TurboJPEG is an + instead of the usual libjpeg implementation. [546]TurboJPEG is an interface library, libturbojpeg, provided by the project that achieves this. TurboVNC works very well over LAN and evidently fast Broadband too. When using it with x11vnc in such a situation you may want to dial - down the delays, e.g. "[545]-wait 5" and "[546]-defer 5" (or even a + down the delays, e.g. "[547]-wait 5" and "[548]-defer 5" (or even a smaller setting) to poll and pump things out more quickly. See the instructions in "x11vnc/misc/turbovnc/README" for how to build x11vnc with TurboVNC support. You will also need to download the - [547]TurboJPEG software. + [549]TurboJPEG software. In brief, the steps look like this: cd x11vnc-x.y.z/x11vnc/misc/turbovnc @@ -6380,22 +6394,22 @@ EndSection where you replace "/DIR" with the directory containing libturbojpeg.so you downloaded separately. If it works out well enough TurboVNC support will be integrated into x11vnc and more of its tuning features - will be implemented. Support for TurboVNC in [548]SSVNC viewer has + will be implemented. Support for TurboVNC in [550]SSVNC viewer has been added as an experiment as well. If you try either one, let us know how it went. There also may be some Linux.i686 and Darwin.i386 x11vnc binaries with - TurboVNC support in the [549]misc. bins directory. For other platforms + TurboVNC support in the [551]misc. bins directory. For other platforms you will need to compile yourself. On relatively cheap and old hardware (Althon64 X2 5000+ / GeForce - 6200) x11vnc and [550]SSVNC, both TurboVNC enabled, were able to + 6200) x11vnc and [552]SSVNC, both TurboVNC enabled, were able to sustain 13.5 frames/sec (fps) and 15 Megapixels/sec using the VirtualGL supplied OpenGL benchmark program glxspheres. VirtualGL on - higher-end hardware can sustain [551]20-30 fps with the glxspheres + higher-end hardware can sustain [553]20-30 fps with the glxspheres benchmark. - Potential Slowdown: As we describe [552]elsewhere, unless you use + Potential Slowdown: As we describe [554]elsewhere, unless you use x11vnc with an X server using, say, NVidia proprietary drivers (or a virtual X server like Xvfb or Xdummy, or in ShadowFB mode), then the read rate from the graphics card can be rather slow (e.g. 10 MB/sec) @@ -6435,23 +6449,23 @@ EndSection this is because the cursor shape is often downloaded to the graphics hardware (video card), but I could be mistaken. - A simple kludge is provided by the "[553]-cursor X" option that + A simple kludge is provided by the "[555]-cursor X" option that changes the cursor when the mouse is on the root background (or any - window has the same cursor as the root background). Note that desktops + window has the same cursor as the root background.) Note that desktops like GNOME or KDE often cover up the root background, so this won't - work for those cases. Also see the "[554]-cursor some" option for + work for those cases. Also see the "[556]-cursor some" option for additional kludges. Note that as of Aug/2004 on Solaris using the SUN_OVL overlay extension and IRIX, x11vnc can show the correct mouse cursor when the - [555]-overlay option is supplied. See [556]this FAQ for more info. + [557]-overlay option is supplied. See [558]this FAQ for more info. Also as of Dec/2004 XFIXES X extension support has been added to allow exact extraction of the mouse cursor shape. XFIXES fixes the problem of the cursor-shape being write-only: x11vnc can now query the X server for the current shape and send it back to the connected viewers. XFIXES is available on recent Linux Xorg based distros and - [557]Solaris 10. + [559]Solaris 10. The only XFIXES issue is the handling of alpha channel transparency in cursors. If a cursor has any translucency then in general it must be @@ -6459,7 +6473,7 @@ EndSection situations where the cursor transparency can also handled exactly: when the VNC Viewer requires the cursor shape be drawn into the VNC framebuffer or if you apply a patch to your VNC Viewer to extract - hidden alpha channel data under 32bpp. [558]Details can be found here. + hidden alpha channel data under 32bpp. [560]Details can be found here. Q-80: When using XFIXES cursorshape mode, some of the cursors look @@ -6492,18 +6506,18 @@ EndSection for most cursor themes and you don't have to worry about it. In case it still looks bad for your cursor theme, there are (of - course!) some tunable parameters. The "[559]-alphacut n" option lets + course!) some tunable parameters. The "[561]-alphacut n" option lets you set the threshold "n" (between 0 and 255): cursor pixels with alpha values below n will be considered completely transparent while values equal to or above n will be completely opaque. The default is - 240. The "[560]-alphafrac f" option tries to correct individual + 240. The "[562]-alphafrac f" option tries to correct individual cursors that did not fare well with the default -alphacut value: if a cursor has less than fraction f (between 0.0 and 1.0) of its pixels selected by the default -alphacut, the threshold is lowered until f of its pixels are selected. The default fraction is 0.33. - Finally, there is an option [561]-alpharemove that is useful for - themes where many cursors are light colored (e.g. "whiteglass"). + Finally, there is an option [563]-alpharemove that is useful for + themes where many cursors are light colored (e.g. "whiteglass".) XFIXES returns the cursor data with the RGB values pre-multiplied by the alpha value. If the white cursors look too grey, specify -alpharemove to brighten them by having x11vnc divide out the alpha @@ -6527,13 +6541,13 @@ EndSection channel (i.e. RGBA data) for Rich Cursors. So x11vnc can now send the alpha channel data to libvncserver. However, this data will only be used for VNC clients that do not support the CursorShapeUpdates VNC - extension (or have disabled it). It can be disabled for all clients - with the [562]-nocursorshape x11vnc option. In this case the cursor is + extension (or have disabled it.) It can be disabled for all clients + with the [564]-nocursorshape x11vnc option. In this case the cursor is drawn, correctly blended with the background, into the VNC framebuffer before being sent out to the client. So the alpha blending is done on - the x11vnc side. Use the [563]-noalphablend option to disable this + the x11vnc side. Use the [565]-noalphablend option to disable this behavior (always approximate transparent cursors with opaque RGB - values). + values.) The CursorShapeUpdates VNC extension complicates matters because the cursor shape is sent to the VNC viewers supporting it, and the viewers @@ -6545,17 +6559,17 @@ EndSection viewer to make this work for CursorShapeUpdates under some circumstances. This hack is outside of the VNC protocol. It requires the screens on both sides to be depth 24 at 32bpp (it uses the extra 8 - bits to secretly hide the cursor alpha channel data). Not only does it + bits to secretly hide the cursor alpha channel data.) Not only does it require depth 24 at 32bpp, but it also currently requires the client and server to be of the same endianness (otherwise the hidden alpha data gets reset to zero by a libvncserver translation function; we can - fix this at some point if there is interest). The patch is for the + fix this at some point if there is interest.) The patch is for the TightVNC 1.3dev5 Unix vncviewer and it enables the TightVNC viewer to do the cursor alpha blending locally. The patch code should give an example on how to change the Windows TightVNC viewer to achieve the - same thing (send me the patch if you get that working). + same thing (send me the patch if you get that working.) - This patch is applied to the [564]Enhanced TightVNC Viewer (SSVNC) + This patch is applied to the [566]Enhanced TightVNC Viewer (SSVNC) package we provide. [Mouse Pointer] @@ -6563,9 +6577,9 @@ EndSection Q-82: Why does the mouse arrow just stay in one corner in my vncviewer, whereas my cursor (that does move) is just a dot? - This default takes advantage of a [565]tightvnc extension + This default takes advantage of a [567]tightvnc extension (CursorShapeUpdates) that allows specifying a cursor image shape for - the local VNC viewer. You may disable it with the [566]-nocursor + the local VNC viewer. You may disable it with the [568]-nocursor option to x11vnc if your viewer does not have this extension. Note: as of Aug/2004 this should be fixed: the default for @@ -6579,25 +6593,25 @@ EndSection clients (i.e. passive viewers can see the mouse cursor being moved around by another viewer)? - Use the [567]-cursorpos option when starting x11vnc. A VNC viewer must + Use the [569]-cursorpos option when starting x11vnc. A VNC viewer must support the Cursor Positions Updates for the user to see the mouse - motions (the TightVNC viewers support this). As of Aug/2004 -cursorpos - is the default. See also [568]-nocursorpos and [569]-nocursorshape. + motions (the TightVNC viewers support this.) As of Aug/2004 -cursorpos + is the default. See also [570]-nocursorpos and [571]-nocursorshape. Q-84: Is it possible to swap the mouse buttons (e.g. left-handed operation), or arbitrarily remap them? How about mapping button clicks to keystrokes, e.g. to partially emulate Mouse wheel scrolling? - You can remap the mouse buttons via something like: [570]-buttonmap - 13-31 (or perhaps 12-21). Also, note that xmodmap(1) lets you directly + You can remap the mouse buttons via something like: [572]-buttonmap + 13-31 (or perhaps 12-21.) Also, note that xmodmap(1) lets you directly adjust the X server's button mappings, but in some circumstances it might be more desirable to have x11vnc do it. One user had an X server with only one mouse button(!) and was able to map all of the VNC client mouse buttons to it via: -buttonmap 123-111. - Note that the [571]-debug_pointer option prints out much info for + Note that the [573]-debug_pointer option prints out much info for every mouse/pointer event and is handy in solving problems. To map mouse button clicks to keystrokes you can use the alternate @@ -6619,22 +6633,22 @@ EndSection Exactly what keystroke "scrolling" events they should be bound to depends on one's taste. If this method is too approximate, one could - consider not using [572]-buttonmap but rather configuring the X server + consider not using [574]-buttonmap but rather configuring the X server to think it has a mouse with 5 buttons even though the physical mouse - does not. (e.g. 'Option "ZAxisMapping" "4 5"'). + does not. (e.g. 'Option "ZAxisMapping" "4 5"'.) Note that when a keysym-mapped mouse button is clicked down this immediately generates the key-press and key-release events (for each - keysym in turn if the mapping has a sequence of keysyms). When the + keysym in turn if the mapping has a sequence of keysyms.) When the mouse button goes back up nothing is generated. If you include modifier keys like Shift_L instead of key-press immediately followed by key-release the state of the modifier key is - toggled (however the initial state of the modifier key is ignored). So + toggled (however the initial state of the modifier key is ignored.) So to map the right button to type my name 'Karl Runge' I could use this: -buttonmap 3-:Shift_L+k+Shift_L+a+r+l+space+Shift_L+r+Shift_L+u+n+g+e: - (yes, this is getting a little silly). + (yes, this is getting a little silly.) BTW, Coming the other way around, if the machine you are sitting at does not have a mouse wheel, but the remote machine does (or at least @@ -6643,35 +6657,35 @@ EndSection you just tap those two keys to get the mouse wheel scrolls (this is more useful than the Up and Down arrow keys because a mouse wheel - "click" usually gives a multi-line scroll). + "click" usually gives a multi-line scroll.) [Keyboard Issues] Q-85: How can I get my AltGr and Shift modifiers to work between keyboards for different languages? - The option [573]-modtweak should help here. It is a mode that monitors + The option [575]-modtweak should help here. It is a mode that monitors the state of the Shift and AltGr Modifiers and tries to deduce the correct keycode to send, possibly by sending fake modifier key presses and releases in addition to the actual keystroke. Update: As of Jul/2004 -modtweak is now the default (use -nomodtweak - to get the old behavior). This was done because it was noticed on + to get the old behavior.) This was done because it was noticed on newer XFree86 setups even on bland "us" keyboards like "pc104 us" XFree86 included a "ghost" key with both "<" and ">" it. This key does - not exist on the keyboard (see [574]this FAQ for more info). Without + not exist on the keyboard (see [576]this FAQ for more info.) Without -modtweak there was then an ambiguity in the reverse map keysym => keycode, making it so the "<" symbol could not be typed. - Also see the [575]FAQ about the -xkb option for a more powerful method + Also see the [577]FAQ about the -xkb option for a more powerful method of modifier tweaking for use on X servers with the XKEYBOARD extension. When trying to resolve keyboard mapping problems, note that the - [576]-debug_keyboard option prints out much info for every keystroke + [578]-debug_keyboard option prints out much info for every keystroke and so can be useful debugging things. Note that one user had a strange setup and none of the above helped. - His solution was to disable all of the above and use [577]-nomodtweak. + His solution was to disable all of the above and use [579]-nomodtweak. This is the simplest form of keystroke insertion and it actually solved the problem. Try it if the other options don't help. @@ -6682,11 +6696,11 @@ EndSection Does your keyboard have a single key with both "<" and ">" on it? Even if it doesn't, your X server may think your keyboard has such a key (e.g. pc105 in the XF86Config file when it should be something else, - say pc104). + say pc104.) - Short Cut: Try the [578]-xkb or [579]-sloppy_keys options and see if + Short Cut: Try the [580]-xkb or [581]-sloppy_keys options and see if that helps the situation. The discussion below is a bit outdated (e.g. - [580]-modtweak is now the default) but it is useful reference for + [582]-modtweak is now the default) but it is useful reference for various tricks and so is kept. @@ -6719,7 +6733,7 @@ EndSection (If the numerical values are different for your setup, substitute the ones that correspond to your display. The above xmodmap scheme can often be used to work around other ambiguous keysym to keycode - mappings). + mappings.) Alternatively, here are some x11vnc options to try to work around the problem: @@ -6729,25 +6743,25 @@ EndSection -remap less-comma These are convenient in that they do not modify the actual X server - settings. The former ([581]-modtweak) is a mode that monitors the + settings. The former ([583]-modtweak) is a mode that monitors the state of the Shift and AltGr modifiers and tries to deduce the correct keycode sequence to send. Since Jul/2004 -modtweak is now the default. - The latter ([582]-remap less-comma) is an immediate remapping of the + The latter ([584]-remap less-comma) is an immediate remapping of the keysym less to the keysym comma when it comes in from a client (so - when Shift is down the comma press will yield "<"). + when Shift is down the comma press will yield "<".) - See also the [583]FAQ about the -xkb option as a possible workaround + See also the [585]FAQ about the -xkb option as a possible workaround using the XKEYBOARD extension. - Note that the [584]-debug_keyboard option prints out much info for + Note that the [586]-debug_keyboard option prints out much info for every keystroke to aid debugging keyboard problems. Q-87: Extra Character Inserted, E.g.: When I try to type a "<" (i.e. - less than) instead I get "<," (i.e. an extra comma). + less than) instead I get "<," (i.e. an extra comma.) This is likely because you press "Shift" then "<" but then released - the Shift key before releasing the "<". Because of a [585]keymapping + the Shift key before releasing the "<". Because of a [587]keymapping ambiguity the last event "< up" is interpreted as "," because that key unshifted is the comma. @@ -6755,9 +6769,9 @@ EndSection characters: in general it can happen whenever the Shift key is released early. - This should not happen in [586]-xkb mode, because it works hard to + This should not happen in [588]-xkb mode, because it works hard to resolve the ambiguities. If you do not want to use -xkb, try the - option [587]-sloppy_keys to attempt a similar type of algorithm. + option [589]-sloppy_keys to attempt a similar type of algorithm. One user had this problem for Italian and German keyboards with the key containing ":" and "." When he typed ":" he would get an extra "." @@ -6785,16 +6799,16 @@ EndSection In both cases no AltGr is sent to the VNC server, but we know AltGr is needed on the physical international keyboard to type a "@". - This all worked fine with x11vnc running with the [588]-modtweak + This all worked fine with x11vnc running with the [590]-modtweak option (it figures out how to adjust the Modifier keys (Shift or - AltGr) to get the "@"). However it fails under recent versions of - XFree86 (and the X.org fork). These run the XKEYBOARD extension by + AltGr) to get the "@".) However it fails under recent versions of + XFree86 (and the X.org fork.) These run the XKEYBOARD extension by default and make heavy use of it to handle international keyboards. To make a long story short, on these newer XFree86 setups the traditional X keymap lookup x11vnc uses is no longer accurate. x11vnc can't find the keysym "@" anywhere in the keymapping! (even though it - is in the XKEYBOARD extended keymapping). + is in the XKEYBOARD extended keymapping.) How to Solve: As of Jul/2004 x11vnc has two changes: * -modtweak (tweak Modifier keys) is now the default (use @@ -6802,17 +6816,17 @@ EndSection * there is a new option -xkb to use the XKEYBOARD extension API to do the Modifier key tweaking. - The [589]-xkb option seems to fix all of the missing keys: "@", "<", + The [591]-xkb option seems to fix all of the missing keys: "@", "<", ">", etc.: it is recommended that you try it if you have this sort of problem. Let us know if there are any remaining problems (see the next - paragraph for some known problems). If you specify the -debug_keyboard + paragraph for some known problems.) If you specify the -debug_keyboard (aka -dk) option twice you will get a huge amount of keystroke - debugging output (send it along with any problems you report). + debugging output (send it along with any problems you report.) Update: as of Jun/2005 x11vnc will try to automatically enable - [590]-xkb if it appears that would be beneficial (e.g. if it sees any + [592]-xkb if it appears that would be beneficial (e.g. if it sees any of "@", "<", ">", "[" and similar keys are mapped in a way that needs - the -xkb to access them). To disable this automatic check use -noxkb. + the -xkb to access them.) To disable this automatic check use -noxkb. Known problems: * One user had to disable a "ghost" Mode_switch key that was causing @@ -6825,34 +6839,34 @@ EndSection was attached to keycode 93 (no physical key generates this keycode) while ISO_Level3_Shift was attached to keycode 113. The keycode skipping option was used to disable the ghost key: - [591]-skip_keycodes 93 + [593]-skip_keycodes 93 * In implementing -xkb we noticed that some characters were still not getting through, e.g. "~" and "^". This is not really an XKEYBOARD problem. What was happening was the VNC viewer was sending the keysyms asciitilde and asciicircum to x11vnc, but on the X server with the international keyboard those keysyms were not mapped to any keys. So x11vnc had to skip them (Note: as of - May/2005 they are added by default see -add_keysyms below). + May/2005 they are added by default see -add_keysyms below.) The way these characters are typically entered on international keyboards is by "dead" (aka "mute") keys. E.g. to enter "~" at the physical display the keysym dead_tilde is pressed and released (this usually involves holding AltGr down while another key is pressed) and then space is pressed. (this can also be used get characters with the "~" symbol on top, e.g. "ã" by typing "a" - instead of space). + instead of space.) What to do? In general the VNC protocol has not really solved this problem: what should be done if the VNC viewer sends a keysym not recognized by the VNC server side? Workarounds can possibly be - created using the [592]-remap x11vnc option: + created using the [594]-remap x11vnc option: -remap asciitilde-dead_tilde,asciicircum-dead_circumflex etc. Use -remap filename if the list is long. Please send us your workarounds for this problem on your keyboard. Perhaps we can have x11vnc adjust automatically at some point. Also see the - [593]-add_keysyms option in the next paragraph. - Update: for convenience "[594]-remap DEAD" does many of these + [595]-add_keysyms option in the next paragraph. + Update: for convenience "[596]-remap DEAD" does many of these mappings at once. - * To complement the above workaround using the [595]-remap, an - option [596]-add_keysyms was added. This option instructs x11vnc + * To complement the above workaround using the [597]-remap, an + option [598]-add_keysyms was added. This option instructs x11vnc to bind any unknown Keysyms coming in from VNC viewers to unused Keycodes in the X server. This modifies the global state of the X server. When x11vnc exits it removes the extra keymappings it @@ -6871,7 +6885,7 @@ EndSection Short answer: disable key autorepeating by running the command "xset r off" on the Xserver where x11vnc is run (restore via "xset r on") or - use the new (Jul/2004) [597]-norepeat x11vnc option. You will still + use the new (Jul/2004) [599]-norepeat x11vnc option. You will still have autorepeating because that is taken care of on your VNC viewer side. @@ -6888,15 +6902,15 @@ EndSection Even without inducing changes in large regions of the screen, this problem could arise when accessing x11vnc via a dialup modem or - otherwise high latency link (e.g. > 250 ms latency). + otherwise high latency link (e.g. > 250 ms latency.) Look at the output of "xset q" for the "auto repeat delay" setting. Is it low (e.g. < 300 ms)? If you turn off autorepeat completely: "xset r off", does the problem go away? The workaround is to manually apply "xset r off" and "xset r on" as - needed, or to use the [598]-norepeat (which has since Dec/2004 been - made the default). Note that with X server autorepeat turned off the + needed, or to use the [600]-norepeat (which has since Dec/2004 been + made the default.) Note that with X server autorepeat turned off the VNC viewer side of the connection will (nearly always) do its own autorepeating so there is no big loss here, unless someone is also working at the physical display and misses his autorepeating. @@ -6906,7 +6920,7 @@ EndSection keystrokes!! Are you using x11vnc to log in to an X session via display manager? - (as described in [599]this FAQ) If so, x11vnc is starting before your + (as described in [601]this FAQ) If so, x11vnc is starting before your session and it disables autorepeat when you connect, but then after you log in your session startup (GNOME, KDE, ...) could be resetting the autorepeat to be on. Or it could be something inside your desktop @@ -6967,12 +6981,12 @@ EndSection desktop manages these "warps". If the viewer is not notified it cannot know it needs to release the modifiers. - You can also use the [600]-clear_mods option to try to clear all of + You can also use the [602]-clear_mods option to try to clear all of the modifier keys at x11vnc startup. You will still have to be careful that you do not leave the modifier key pressed down during your session. It is difficult to prevent this problem from occurring (short - of using [601]-remap to prevent sending all of the problem modifier - keys, which would make the destkop pretty unusable). + of using [603]-remap to prevent sending all of the problem modifier + keys, which would make the destkop pretty unusable.) During a session these x11vnc remote control commands can also help: x11vnc -R clear_mods @@ -6983,23 +6997,23 @@ EndSection A similar problem can occur if you accidentally press the Caps_Lock or Num_Lock down. When these are locked on the remote side it can sometimes lead to strange desktop behavior (e.g. cannot drag or click - on windows). As above you may not notice this because the lock isn't - down on the local (Viewer) side. See [602]this FAQ on lock keys - problem. These options may help avoid the problem: [603]-skip_lockkeys - and [604]-capslock. See also [605]-clear_all. + on windows.) As above you may not notice this because the lock isn't + down on the local (Viewer) side. See [604]this FAQ on lock keys + problem. These options may help avoid the problem: [605]-skip_lockkeys + and [606]-capslock. See also [607]-clear_all. Q-92: The machine where I run x11vnc has an AltGr key, but the local machine where I run the VNC viewer does not. Is there a way I can map a local unused key to send an AltGr? How about a Compose key as well? - Something like "[606]-remap Super_R-Mode_switch" x11vnc option may + Something like "[608]-remap Super_R-Mode_switch" x11vnc option may work. Note that Super_R is the "Right Windoze(tm) Flaggie" key; you may want to choose another. The -debug_keyboard option comes in handy - in finding keysym names (so does xev(1)). + in finding keysym names (so does xev(1).) For Compose how about "-remap Menu-Multi_key" (note that Multi_key is - the official name for Compose). To do both at the same time: "-remap + the official name for Compose.) To do both at the same time: "-remap Super_R-Mode_switch,Menu-Multi_key" or use "-remap filename" to specify remappings from a file. @@ -7012,11 +7026,11 @@ EndSection Here are a couple ideas. The first one is to simply use xmodmap(1) to adjust the Sun X server. Perhaps xmodmap -e "keysym Alt_L = Meta_L Alt_L" will do the trick. (there are other ways to do it, one user - used: xmodmap -e "keycode 26 = Meta_L" for his setup). + used: xmodmap -e "keycode 26 = Meta_L" for his setup.) Since xmodmap(1) modifies the X server mappings you may not want to do - this (because it affects local work on that machine). Something like - the [607]-remap Alt_L-Meta_L to x11vnc may be sufficient for ones + this (because it affects local work on that machine.) Something like + the [609]-remap Alt_L-Meta_L to x11vnc may be sufficient for ones needs, and does not modify the X server environment. Note that you cannot send Alt_L in this case, maybe -remap Super_L-Meta_L would be a better choice if the Super_L key is typically unused in Unix. @@ -7036,7 +7050,7 @@ EndSection and similar triple mappings (with two in the AltGr/Mode_switch group) of a keysum to a single keycode. - Use the [608]-nomodtweak option as a workaround. You can also use + Use the [610]-nomodtweak option as a workaround. You can also use xmodmap to correct these mappings in the server, e.g.: xmodmap -e "keycode 47 = 3 numbersign" @@ -7050,7 +7064,7 @@ EndSection This can be done directly in some X servers using AccessX and Pointer_EnableKeys, but is a bit awkward. It may be more convenient to - have x11vnc do the remapping. This can be done via the [609]-remap + have x11vnc do the remapping. This can be done via the [611]-remap option using the fake "keysyms" Button1, Button2, etc. as the "to" keys (i.e. the ones after the "-") @@ -7059,7 +7073,7 @@ EndSection button "paste" because (using XFree86/Xorg Emulate3Buttons) you have to click both buttons on the touch pad at the same time. This remapping: - [610]-remap Super_R-Button2 + [612]-remap Super_R-Button2 maps the Super_R "flag" key press to the Button2 click, thereby making X pasting a bit easier. @@ -7078,20 +7092,20 @@ EndSection Caps_Lock in the viewer your local machine goes into the Caps_Lock on state and sends keysym "A" say when you press "a". x11vnc will then fake things up so that Shift is held down to generate "A". The - [611]-skip_lockkeys option should help to accomplish this. For finer - grain control use something like: "[612]-remap Caps_Lock-None". + [613]-skip_lockkeys option should help to accomplish this. For finer + grain control use something like: "[614]-remap Caps_Lock-None". - Also try the [613]-nomodtweak and [614]-capslock options. + Also try the [615]-nomodtweak and [616]-capslock options. Another useful option that turns off any Lock keys on the remote side - at startup and end is the [615]-clear_all option. During a session you + at startup and end is the [617]-clear_all option. During a session you can run these remote control commands to modify the Lock keys: x11vnc -R clear_locks x11vnc -R clear_all the former will try to unset any Lock keys, the latter will do same and also try to make it so no key is pressed down (e.g. "stuck" Alt_L, - etc). + etc.) [Screen Related Issues and Features] Q-97: The remote display is larger (in number of pixels) than the @@ -7104,26 +7118,26 @@ EndSection view. For quick scrolling, also make sure Backing Store is enabled on the machine vncviewer is run on. (XFree86/Xorg disables it by default for some reason, add Option "backingstore" to XF86Config on the - vncviewer side). + vncviewer side.) BTW, contact me if you are having problems with vncviewer in - fullscreen mode with your window manager (i.e. no keyboard response). + fullscreen mode with your window manager (i.e. no keyboard response.) I have a workaround for vncviewer using XGrabServer(). There may also be scaling viewers out there (e.g. TightVNC or UltraVNC on Windows) that automatically shrink or expand the remote framebuffer to fit the local display. Especially for hand-held devices. See also - [616]the next FAQ on x11vnc scaling. + [618]the next FAQ on x11vnc scaling. Q-98: Does x11vnc support server-side framebuffer scaling? (E.g. to - make the desktop smaller). + make the desktop smaller.) As of Jun/2004 x11vnc provides basic server-side scaling. It is a global scaling of the desktop, not a per-client setting. To enable it - use the "[617]-scale fraction" option. "fraction" can either be a + use the "[619]-scale fraction" option. "fraction" can either be a floating point number (e.g. -scale 0.75) or the alternative m/n - fraction notation (e.g. -scale 3/4). Note that if fraction is greater + fraction notation (e.g. -scale 3/4.) Note that if fraction is greater than one the display is magnified. Extra resources (CPU, memory I/O, and memory) are required to do the @@ -7142,16 +7156,16 @@ EndSection features will be recognizable. BTW, "no blending" mode is forced on when scaling 8bpp PseudoColor displays (because blending an indexed colormap is a bad idea and leads to random colors, use :fb to force it - on). + on.) One can also use the ":nb" with an integer scale factor (say "-scale 2:nb") to use x11vnc as a screen magnifier for vision impaired - [618]applications. Since with integer scale factors the framebuffers + [620]applications. Since with integer scale factors the framebuffers become huge and scaling operations time consuming, be sure to use ":nb" for the fastest response. In general for a scaled display if you are using a TightVNC viewer you - may want to turn off jpeg encoding (e.g. vncviewer -nojpeg host:0). + may want to turn off jpeg encoding (e.g. vncviewer -nojpeg host:0.) There appears to be a noise enhancement effect, especially for regions containing font/text: the scaling can introduce some pixel artifacts that evidently causes the tight encoding algorithm to incorrectly @@ -7161,7 +7175,7 @@ EndSection readability of text when using -scale to shrink the display size. Also note that scaling may actually slow down the transfer of text regions because after being scaled they do not compress as well. (this can - often be a significant slowdown, e.g. 10X). + often be a significant slowdown, e.g. 10X.) Another issue is that it appears VNC viewers require the screen width to be a multiple of 4. When scaling x11vnc will round the width to the @@ -7172,33 +7186,33 @@ EndSection If one desires per-client scaling for something like 1:1 from a workstation and 1:2 from a smaller device (e.g. handheld), currently the only option is to run two (or more) x11vnc processes with - different scalings listening on separate ports ([619]-rfbport option, - etc.). + different scalings listening on separate ports ([621]-rfbport option, + etc.) Update: As of May/2006 x11vnc also supports the UltraVNC server-side scaling. This is a per-client scaling by factors 1/2, 1/3, ... and so may be useful for PDA's ("-scale 1/2", etc. will give similar results - except that it applies to all clients). You may need to supply + except that it applies to all clients.) You may need to supply "-rfbversion 3.6" for this to be recognized by UltraVNC viewers. BTW, whenever you run two or more x11vnc's on the same X display and - use the [620]GUI, then to avoid all of the x11vnc's simultaneously - answering the gui you will need to use something like [621]"-connect + use the [622]GUI, then to avoid all of the x11vnc's simultaneously + answering the gui you will need to use something like [623]"-connect file1 -gui ..." with different connect files for each x11vnc you want - to control via the gui (or remote-control). The "-connect file1" usage + to control via the gui (or remote-control.) The "-connect file1" usage gives separate communication channels between a x11vnc process and the gui process. Otherwise they all share the same X property channels: VNC_CONNECT and X11VNC_REMOTE. Update: As of Mar/2005 x11vnc now scales the mouse cursor with the same scale factor as the screen. If you don't want that, use the - [622]"-scale_cursor frac" option to set the cursor scaling to a + [624]"-scale_cursor frac" option to set the cursor scaling to a different factor (e.g. use "-scale_cursor 1" to keep the cursor at its - natural unscaled size). + natural unscaled size.) Q-99: Does x11vnc work with Xinerama? (i.e. multiple monitors joined - together to form one big, single screen). + together to form one big, single screen.) Yes, it should generally work because it simply polls the big effective screen. @@ -7211,30 +7225,30 @@ EndSection them. As of Jun/2008: Use "-clip xinerama0" to clip to the first xinerama - sub-screen (if xinerama is active). xinerama1 for the 2nd sub-screen, + sub-screen (if xinerama is active.) xinerama1 for the 2nd sub-screen, etc. This way you don't need to figure out the WxH+X+Y of the desired xinerama sub-screen. screens are sorted in increasing distance from - the (0,0) origin (I.e. not the Xserver's order). + the (0,0) origin (I.e. not the Xserver's order.) There are a couple potential issues with Xinerama however. If the screen is not rectangular (e.g. 1280x1024 and 1024x768 monitors joined together), then there will be "non-existent" areas on the screen. The X server will return "garbage" image data for these areas and so they - may be distracting to the viewer. The [623]-blackout x11vnc option + may be distracting to the viewer. The [625]-blackout x11vnc option allows you to blacken-out rectangles by manually specifying their WxH+X+Y geometries. If your system has the libXinerama library, the - [624]-xinerama x11vnc option can be used to have it automatically + [626]-xinerama x11vnc option can be used to have it automatically determine the rectangles to be blackened out. (Note on 8bpp - PseudoColor displays the fill color may not be black). Update: - [625]-xinerama is now on by default. + PseudoColor displays the fill color may not be black.) Update: + [627]-xinerama is now on by default. Some users have reported that the mouse does not behave properly for their Xinerama display: i.e. the mouse cannot be moved to all regions - of the large display. If this happens try using the [626]-xwarppointer + of the large display. If this happens try using the [628]-xwarppointer option. This instructs x11vnc to fake mouse pointer motions using the XWarpPointer function instead of the XTestFakeMotionEvent XTEST function. (This may be due to a bug in the X server for XTEST when - Xinerama is enabled). Update: As of Dec/2006 [627]-xwarppointer will + Xinerama is enabled.) Update: As of Dec/2006 [629]-xwarppointer will be applied automatically if Xinerama is detected. To disable use: -noxwarppointer @@ -7257,23 +7271,23 @@ EndSection Note: if you are running on Solaris 8 or earlier you can easily hit up against the maximum of 6 shm segments per process (for Xsun in this case) from running multiple x11vnc processes. You should modify - /etc/system as mentioned in another [628]FAQ to increase the limit. It - is probably also a good idea to run with the [629]-onetile option in + /etc/system as mentioned in another [630]FAQ to increase the limit. It + is probably also a good idea to run with the [631]-onetile option in this case (to limit each x11vnc to 3 shm segments), or even - [630]-noshm to use no shm segments. + [632]-noshm to use no shm segments. Q-101: Can x11vnc show only a portion of the display? (E.g. for a - special purpose application or a very large screen). + special purpose application or a very large screen.) - As of Mar/2005 x11vnc has the "[631]-clip WxH+X+Y" option to select a + As of Mar/2005 x11vnc has the "[633]-clip WxH+X+Y" option to select a rectangle of width W, height H and offset (X, Y). Thus the VNC screen will be the clipped sub-region of the display and be only WxH in size. - One user used -clip to split up a large [632]Xinerama screen into two + One user used -clip to split up a large [634]Xinerama screen into two more managable smaller screens. This also works to view a sub-region of a single application window if - the [633]-id or [634]-sid options are used. The offset is measured + the [635]-id or [636]-sid options are used. The offset is measured from the upper left corner of the selected window. @@ -7282,7 +7296,7 @@ EndSection just seems to crash. As of Dec/2004 x11vnc supports XRANDR. You enable it with the - [635]-xrandr option to make x11vnc monitor XRANDR events and also trap + [637]-xrandr option to make x11vnc monitor XRANDR events and also trap X server errors if the screen change occurred in the middle of an X call like XGetImage. Once it traps the screen change it will create a new framebuffer using the new screen. @@ -7291,10 +7305,10 @@ EndSection (Windows TightVNC viewer and RealVNC 4.0 windows and Unix viewers do) then the viewer will automatically resize. Otherwise, the new framebuffer is fit as best as possible into the original viewer size - (portions of the screen may be clipped, unused, etc). For these - viewers you can try the [636]-padgeom option to make the region big + (portions of the screen may be clipped, unused, etc.) For these + viewers you can try the [638]-padgeom option to make the region big enough to hold all resizes and rotations. We have fixed this problem - for the TightVNC Viewer on Unix: [637]SSVNC + for the TightVNC Viewer on Unix: [639]SSVNC If you specify "-xrandr newfbsize" then vnc viewers that do not support NewFBSize will be disconnected before the resize. If you @@ -7304,9 +7318,9 @@ EndSection Q-103: Independent of any XRANDR, can I have x11vnc rotate and/or reflect the screen that the VNC viewers see? (e.g. for a handheld - whose screen is rotated 90 degrees). + whose screen is rotated 90 degrees.) - As of Jul/2006 there is the [638]-rotate option allow this. E.g's: + As of Jul/2006 there is the [640]-rotate option allow this. E.g's: "-rotate +90", "-rotate -90", "-rotate x", etc. @@ -7319,14 +7333,14 @@ EndSection Q-105: I use Linux Virtual Consoles (VC's) to implement 'Fast User Switching' between users' sessions (e.g. Betty is on Ctrl-Alt-F7, Bobby is on Ctrl-Alt-F8, and Sid is on Ctrl-Alt-F1: they use those - keystrokes to switch between their sessions). How come the view in a + keystrokes to switch between their sessions.) How come the view in a VNC viewer connecting to x11vnc is either completely black or otherwise all messed up unless the X session x11vnc is attached to is in the active VC? This seems to have to do with how applications (the X server processes in this case) must "play nicely" if they are not on the active VC - (sometimes called VT for virtual terminal). That is, they should not + (sometimes called VT for virtual terminal.) That is, they should not read from the keyboard or mouse or manage the video display unless they have the active VC. Given that it appears the XGetImage() call must ultimately retrieve the framebuffer data from the video hardware @@ -7334,7 +7348,7 @@ EndSection X session had active control of the VC. There does not seem to be an easy way to work around this. Even xwd(1) - doesn't work in this case (try it). Something would need to be done at + doesn't work in this case (try it.) Something would need to be done at a lower level, say in the XFree86/Xorg X server. Also, using the Shadow Framebuffer (a copy of the video framebuffer is kept in main memory) does not appear to fix the problem. @@ -7371,20 +7385,20 @@ EndSection This may be a bug in kdesktop_lock. For now the only workaround is to disable the screensaver. You can try using another one such as - straight xscreensaver (see the instructions [639]here for how to - disable kdesktop_lock). If you have more info on this or see it + straight xscreensaver (see the instructions [641]here for how to + disable kdesktop_lock.) If you have more info on this or see it outside of KDE please let us know. Update: It appears this is due to kdesktop_lock enabling the screen saver when the Monitor is in DPMS low-power state (e.g. standby, - suspend, or off). In Nov/2006 the x11vnc [640]-nodpms option was added + suspend, or off.) In Nov/2006 the x11vnc [642]-nodpms option was added as a workaround. Normally it is a good thing that the monitor powers down (since x11vnc can still poll the framebuffer in this state), but if you experience the kdesktop_lock problem you can specify the "-nodpms" option to keep the Monitor out of low power state while VNC clients are connected. This is basically the same as typing "xset dpms force on" periodically. (if you don't want to do these things just - disable the screensaver). Feel free to file a bug against + disable the screensaver.) Feel free to file a bug against kdesktop_lock with KDE. Q-108: I am running the beryl 3D window manager (or compiz, MythTv, @@ -7393,16 +7407,16 @@ EndSection This appears to be because the 3D OpenGL/GLX hardware screen updates do not get reported via the XDAMAGE mechanism. So this is a bug in - [641]beryl/compiz or XDAMAGE/Xorg or the (possibly 3rd party) video + [643]beryl/compiz or XDAMAGE/Xorg or the (possibly 3rd party) video card driver. - As a workaround apply the [642]-noxdamage option. As of Feb/2007 + As a workaround apply the [644]-noxdamage option. As of Feb/2007 x11vnc will try to autodetect the problem and disable XDAMAGE if is appears to be missing a lot of updates. But if you know you are using - beryl you might as well always supply -noxdamage. Thanks to [643]this + beryl you might as well always supply -noxdamage. Thanks to [645]this user who reported the problem and discovered the workaround. - A developer for [644]MiniMyth reports that the 'alphapulse' tag of the + A developer for [646]MiniMyth reports that the 'alphapulse' tag of the theme G.A.N.T. can also cause problems, and should be avoided when using VNC. @@ -7422,10 +7436,10 @@ EndSection * Fullscreen mode The way VMWare does Fullscreen mode on Linux is to display the Guest - desktop in a separate Virtual Console (e.g. VC 8) (see [645]this FAQ - on VC's for background). Unfortunately, this Fullscreen VC is not an X - server. So x11vnc cannot access it (however, [646]see this discussion - of -rawfb for a possible workaround). x11vnc works fine with "Normal X + desktop in a separate Virtual Console (e.g. VC 8) (see [647]this FAQ + on VC's for background.) Unfortunately, this Fullscreen VC is not an X + server. So x11vnc cannot access it (however, [648]see this discussion + of -rawfb for a possible workaround.) x11vnc works fine with "Normal X application window" and "Quick-Switch mode" because these use X. Update: It appears the in VMWare 5.x the Fullscreen mode is X, so @@ -7445,19 +7459,19 @@ EndSection improve response. One can also cut the display depth (e.g. to 16bpp) in this 2nd X session to improve video performance. This 2nd X session emulates Fullscreen mode to some degree and can be viewed via x11vnc - as long as the VMWare X session [647]is in the active VC. + as long as the VMWare X session [649]is in the active VC. Also note that with a little bit of playing with "xwininfo -all -children" output one can extract the (non-toplevel) window-id of the of the Guest desktop only when VMWare is running as a normal X application. Then one can export just the guest desktop (i.e. without - the VMWare menu buttons) by use of the [648]-id windowid option. The + the VMWare menu buttons) by use of the [650]-id windowid option. The caveats are the X session VMWare is in must be in the active VC and the window must be fully visible, so this mode is not terribly convenient, but could be useful in some circumstances (e.g. running VMWare on a very powerful server machine in a server room that happens to have a video card, (but need not have a monitor, Keyboard or - mouse)). + mouse).) @@ -7467,10 +7481,10 @@ EndSection controlled) via VNC with x11vnc? As of Apr/2005 there is support for this. Two options were added: - "[649]-rawfb string" (to indicate the raw frame buffer device, file, - etc. and its parameters) and "[650]-pipeinput command" (to provide an + "[651]-rawfb string" (to indicate the raw frame buffer device, file, + etc. and its parameters) and "[652]-pipeinput command" (to provide an external program that will inject or otherwise process mouse and - keystroke input). Some useful [651]-pipeinput schemes, VID, CONSOLE, + keystroke input.) Some useful [653]-pipeinput schemes, VID, CONSOLE, and UINPUT, have since been built into x11vnc for convenience. This non-X mode for x11vnc is somewhat experimental because it is so @@ -7483,7 +7497,7 @@ EndSection The format for the -rawfb string is: -rawfb <type>:<object>@<W>x<H>x<bpp>[-<BPL>][:<R>/<G>/<B>][+<offset>] - There are also some useful aliases (e.g. "console"). Some examples: + There are also some useful aliases (e.g. "console".) Some examples: -rawfb shm:210337933@800x600x32:ff/ff00/ff0000 -rawfb map:/dev/fb0@1024x768x16 @@ -7507,12 +7521,12 @@ EndSection So the type can be "shm" for shared memory objects, and "map" or "file" for file objects. "map" uses mmap(2) to map the file into memory and is preferred over "file" (that uses the slower lseek(2) - access method). Only use file if map isn't working. BTW, "mmap" is an + access method.) Only use file if map isn't working. BTW, "mmap" is an alias for "map" and if you do not supply a type and the file exists, map is assumed (see the -help output and below for some exceptions to - this). The "snap:" setting applies the [652]-snapfb option with + this.) The "snap:" setting applies the [654]-snapfb option with "file:" type reading (this is useful for exporting webcams or TV tuner - video; see [653]the next FAQ for more info). + video; see [655]the next FAQ for more info.) Also, if the string is of the form "setup:cmd" then cmd is run and the first line of its output retrieved and used as the rawfb string. This @@ -7536,19 +7550,19 @@ EndSection bits per pixel (bpp) of the framebuffer. This is the @WxHxB field. For the case of the Linux framebuffer device, /dev/fb0, the fbset(8) may be of use (but may not always be accurate for what is currently - viewable). In general some guessing may be required, especially for + viewable.) In general some guessing may be required, especially for the bpp. Update: in "-rawfb console" mode x11vnc will use the linuxfb - API to try to guess (it is still not always accurate). Also try + API to try to guess (it is still not always accurate.) Also try "-rawfb vtN" for the N-th Linux text console (aka virtual terminal.) If the number of Bytes Per Line is not WxHxB/8 (i.e. the framebuffer lines are padded) you can specify this information after WxHxB via "-BPL", e.g. @800x600x16-2048 Based on the bpp x11vnc will try to guess the red, green, and blue - masks (these indicate which bits correspond to each color). It if gets + masks (these indicate which bits correspond to each color.) It if gets it wrong you can specify them manually via the optional ":R/G/B" field. E.g. ":0xff0000/0x00ff00/0x0000ff" (this is the default for - 32bpp). + 32bpp.) Finally, the framebuffer may not begin at the beginning of the memory object, so use the optional "+offset" parameter to indicate where the @@ -7557,16 +7571,16 @@ EndSection screen to either shm or a mapped file. The format of these is XWD and so the initial header should be skipped. BTW, since XWD is not strictly RGB the view will only be approximate, but usable. Of course - for the case of Xvfb x11vnc can poll it much better via the [654]X + for the case of Xvfb x11vnc can poll it much better via the [656]X API, but you get the idea. By default in -rawfb mode x11vnc will actually close any X display it happened to open. This is basically to shake out bugs (e.g it will - crash rather than mysteriously interacting with the X display). If you + crash rather than mysteriously interacting with the X display.) If you want x11vnc to keep the X display open while polling the raw framebuffer prefix a "+" sign at the beginning of the string (e.g. +file:/dev/urandom@64x64x8) This could be convenient for keeping the - remote control channel active (it uses X properties). The "-connect + remote control channel active (it uses X properties.) The "-connect /path/to/file" mechanism could also be used for remote control to avoid the X property channel. Rare usage, but if you also supply -noviewonly in this "+" mode then the mouse and keyboard input are @@ -7585,28 +7599,28 @@ minal #2) The Linux console, /dev/fb0, etc needs to have its driver enabled in the kernel. Some of the drivers are video card specific and accelerated. The console is either the Text consoles (usually - tty1-tty6), or X graphical display (usually starting at tty7). In + tty1-tty6), or X graphical display (usually starting at tty7.) In addition to the text console other graphical ones may be viewed and interacted with as well, e.g. DirectFB or SVGAlib apps, VMWare non-X - fullscreen, or [655]Qt-embedded apps (PDAs/Handhelds). By default the + fullscreen, or [657]Qt-embedded apps (PDAs/Handhelds.) By default the pipeinput mechanisms UINPUT and CONSOLE (keystrokes only) are automatically attempted in this mode under "-rawfb console". The Video4Linux Capture device, /dev/video0, etc is either a Webcam or a TV capture device and needs to have its driver enabled in the - kernel. See [656]this FAQ for details. If specified via "-rawfb Video" + kernel. See [658]this FAQ for details. If specified via "-rawfb Video" then the pipeinput method "VID" is applied (it lets you change video - parameters dynamically via keystrokes). + parameters dynamically via keystrokes.) The last two, /dev/urandom and /dev/zero are just for fun, but are also useful in testing. - All of the above [657]-rawfb options are just for viewing the raw + All of the above [659]-rawfb options are just for viewing the raw framebuffer (although some of the aliases do imply keystroke and mouse - pipeinput methods). That may be enough for certain applications of - this feature (e.g. suppose a [658]video camera mapped its framebuffer - into memory and you just wanted to look at it via VNC). + pipeinput methods.) That may be enough for certain applications of + this feature (e.g. suppose a [660]video camera mapped its framebuffer + into memory and you just wanted to look at it via VNC.) To handle the pointer and keyboard input from the viewer users the "-pipeinput cmd" option was added to indicate a helper program to process the user input. The input is streamed to it and looks @@ -7633,7 +7647,7 @@ minal #2) framebuffer. In the libvncserver CVS a simple example program x11vnc/misc/slide.pl is provided that demonstrates a simple jpeg "slideshow" application. Also the builtin "-pipeinput VID" mode does - this for webcams and TV capture devices (/dev/video0). + this for webcams and TV capture devices (/dev/video0.) The -pipeinput program is run with these environment variables set: X11VNC_PID, X11VNC_PROG, X11VNC_CMDLINE, X11VNC_RAWFB_STR to aid its @@ -7643,7 +7657,7 @@ minal #2) keystrokes into the Linux console (e.g. the virtual consoles: /dev/tty1, /dev/tty2, etc) in x11vnc/misc/vcinject.pl. It is based on the vncterm/LinuxVNC.c program also in the libvncserver CVS. So to - view and interact with VC #2 (assuming it is the [659]active VC) one + view and interact with VC #2 (assuming it is the [661]active VC) one can run something like: x11vnc -rawfb map:/dev/fb0@1024x768x16 -pipeinput './vcinject.pl 2' @@ -7665,7 +7679,7 @@ minal #2) If the rawfb string begins with "console" the framebuffer device /dev/fb0 is opened (this requires the appropriate kernel modules to be installed) and so is /dev/tty0. The latter is used to inject - keystrokes (not all are supported, but the basic ones are). You + keystrokes (not all are supported, but the basic ones are.) You will need to be root to inject keystrokes. /dev/tty0 refers to the active VT, to indicate one explicitly, use "console2", etc. using the VT number. @@ -7676,7 +7690,7 @@ minal #2) and mouse input and so it preferred when accessing graphical (e.g. Qt-embedded) linux console apps. See -pipeinput UINPUT below for more information on this mode (you may want to also use the - -nodragging and -cursor none options). Use "console0", etc or + -nodragging and -cursor none options.) Use "console0", etc or -pipeinput CONSOLE to force the /dev/ttyN method. Note you can change VT remotely using the chvt(1) command. @@ -7698,7 +7712,7 @@ minal #2) better to use the more accurate and faster LinuxVNC program. The advantage x11vnc -rawfb might have is that it can allow interaction with a non-text application, e.g. one based on SVGAlib or - [660]Qt-embedded Also, for example the [661]VMWare Fullscreen mode is + [662]Qt-embedded Also, for example the [663]VMWare Fullscreen mode is actually viewable under -rawfb and can be interacted with if uinput is enabled. @@ -7762,9 +7776,9 @@ minal #2) Q-112: Can I export via VNC a Webcam or TV tuner framebuffer using x11vnc? - Yes, this is possible to some degree with the [662]-rawfb option. + Yes, this is possible to some degree with the [664]-rawfb option. There is no X11 involved: snapshots from the video capture device are - used for the screen image data. See the [663]previous FAQ on -rawfb + used for the screen image data. See the [665]previous FAQ on -rawfb for background. For best results, use x11vnc version 0.8.1 or later. Roughly, one would do something like this: @@ -7774,9 +7788,9 @@ minal #2) video device. This is true for video4Linux on Linux kernel 2.6 and later (it won't work for 2.4, you'll need a separate program to snapshot to a file that you point -rawfb to; ask me if it is not clear - what to do). + what to do.) - The "snap:" enforces [664]-snapfb mode which appears to be necessary. + The "snap:" enforces [666]-snapfb mode which appears to be necessary. The read pointer for video capture devices cannot be repositioned (which would be needed for scanline polling), but you can read a full frame of data from the device. @@ -7794,11 +7808,11 @@ minal #2) (e.g. size and brightness) via x11vnc. See the description below. Without Video4Linux you will need to initialize the settings of the video device using something like xawtv or spcaview (and then hope the - settings persist until x11vnc reopens the device). + settings persist until x11vnc reopens the device.) Many video4linux drivers tend to set the framebuffer to be 24bpp (as - opposed to 32bpp). Since this can cause problems with VNC viewers, - etc, the [665]-24to32 option will be automatically imposed when in + opposed to 32bpp.) Since this can cause problems with VNC viewers, + etc, the [667]-24to32 option will be automatically imposed when in 24bpp. Note that by its very nature, video capture involves rapid change in @@ -7806,7 +7820,7 @@ minal #2) wavering in brightness is always happening. This can lead to much network bandwidth consumption for the VNC traffic and also local CPU and I/O resource usage. You may want to experiment with "dialing down" - the framerate via the [666]-wait, [667]-slow_fb, or [668]-defer + the framerate via the [668]-wait, [669]-slow_fb, or [670]-defer options. Decreasing the window size and bpp also helps. @@ -7840,15 +7854,15 @@ minal #2) Related to the bpp above, the pixel format can be set via the fmt=XXX, where XXX can be one of: GREY, HI240, RGB555, RGB565, - RGB24, and RGB32 (with bpp 8, 8, 16, 16, 24, and 32 respectively). - See http://www.linuxtv.org for more info (V4L api). + RGB24, and RGB32 (with bpp 8, 8, 16, 16, 24, and 32 respectively.) + See http://www.linuxtv.org for more info (V4L api.) For TV/rf tuner cards one can set the tuning mode via tun=XXX where XXX can be one of PAL, NTSC, SECAM, or AUTO. One can switch the input channel by the inp=XXX setting, where XXX is the name of the input channel (Television, Composite1, S-Video, - etc). Use the name that is in the information about the device that + etc.) Use the name that is in the information about the device that is printed at startup. For input channels with tuners (e.g. Television) one can change @@ -7895,16 +7909,16 @@ minal #2) format to HI240, RGB565, RGB24, RGB32, RGB555, and GREY respectively. See -rawfb video for details. - See also the [669]-freqtab option to supply your own xawtv channel to + See also the [671]-freqtab option to supply your own xawtv channel to frequency mappings for your country (only ntsc-cable-us is built into - x11vnc). + x11vnc.) Q-113: Can I connect via VNC to a Qt-embedded/Qtopia application running on my handheld or PC using the Linux console framebuffer (i.e. not X11)? - Yes, the basic method for this is the [670]-rawfb scheme where the + Yes, the basic method for this is the [672]-rawfb scheme where the Linux console framebuffer (usually /dev/fb0) is polled and the uinput driver is used to inject keystrokes and mouse input. Often you will just have to type: @@ -7917,14 +7931,14 @@ minal #2) x11vnc -rawfb /dev/fb0@640x480x16 Also, to force usage of the uinput injection method use "-pipeinput - UINPUT". See the [671]-pipeinput description for tunable parameters, + UINPUT". See the [673]-pipeinput description for tunable parameters, etc. One problem with the x11vnc uinput scheme is that it cannot guess the mouse motion "acceleration" used by the windowing application (e.g. - QWS or X11). For X11 and Qt-embedded the acceleration is usually 2 + QWS or X11.) For X11 and Qt-embedded the acceleration is usually 2 (i.e. a dx of 1 from the mouse yields a 2 pixel displacement of the - mouse cursor). The default x11vnc uses is 2, since that is often used. + mouse cursor.) The default x11vnc uses is 2, since that is often used. However for one Qt-embedded system we needed to do: x11vnc -rawfb console -pipeinput UINPUT:accel=4.0 @@ -7933,7 +7947,7 @@ minal #2) Even with the correct acceleration setting there is still some drift (probably because of the mouse threshold where the acceleration kicks in) and so x11vnc needs to reposition the cursor from 0,0 about 5 - times a second. See the [672]-pipeinput UINPUT option for tuning + times a second. See the [674]-pipeinput UINPUT option for tuning parameters that can be set (there are some experimental thresh=N tuning parameters as well) @@ -7945,7 +7959,7 @@ minal #2) environment be sure to run strip(1) on it and also consider configuring with, e.g. "env CPPFLAGS='-DSMALL_FOOTPRINT=1' ./configure ..." to remove rarely used features and large texts (use 2 or 3 - instead of 1 to remove more). Currently (Jul/2006) this can lower the + instead of 1 to remove more.) Currently (Jul/2006) this can lower the size of the x11vnc from 1.1MB to 0.6-0.7MB. The x11vnc uinput method applies to nearly anything on the Linux @@ -7953,7 +7967,7 @@ minal #2) fbcon driver, SVGAlib applications can also be viewed and interacted with. Even a Linux X session can be viewed and interacted with without using X11 (and x11vnc does not have to terminate when the X server - restarts!). The Linux Text consoles (F1-F6) also work. + restarts!) The Linux Text consoles (F1-F6) also work. Note that Qt-embedded supplies its own VNC graphics driver, but it cannot do both the Linux console framebuffer and VNC at the same time, @@ -7968,7 +7982,7 @@ minal #2) Q-114: Now that non-X11 devices can be exported via VNC using x11vnc, can I build it with no dependencies on X11 header files and libraries? - Yes, as of Jul/2006 x11vnc enables building for [673]-rawfb only + Yes, as of Jul/2006 x11vnc enables building for [675]-rawfb only support. Just do something like when building: ./configure --without-x (plus any other flags) make @@ -7984,11 +7998,11 @@ minal #2) Yes, since Nov/2006 in the development tree (x11vnc-0.8.4 tarball) there is support for native Mac OS X Aqua/Quartz displays using the - [674]-rawfb mechanism described above. The mouse and keyboard input is + [676]-rawfb mechanism described above. The mouse and keyboard input is achieved via Mac OS X API's. - So you can use x11vnc as an alternative to [675]OSXvnc (aka Vine - Server), or [676]Apple Remote Desktop (ARD). Perhaps there is some + So you can use x11vnc as an alternative to [677]OSXvnc (aka Vine + Server), or [678]Apple Remote Desktop (ARD). Perhaps there is some x11vnc feature you'd like to use on Mac OS X, etc. For a number of activities (e.g. window drags) it seems to be faster than OSXvnc. @@ -7997,14 +8011,14 @@ minal #2) X11: x11vnc will also work (as it has for years) with a X11 server (XDarwin) running on Mac OS X (people often install this software to display remote X11 apps on their Mac OS X system, or use some old - favorites locally such as xterm). However in this case x11vnc will - only work reasonably in single window [677]-id windowid mode (and the - window may need to have mouse focus). + favorites locally such as xterm.) However in this case x11vnc will + only work reasonably in single window [679]-id windowid mode (and the + window may need to have mouse focus.) If you do not have the DISPLAY env. variable set, x11vnc will assume native Aqua/Quartz on Mac OS X, however if DISPLAY is set it will assume an X11 connection. Use "-rawfb console" to force the native - display (or unset DISPLAY). + display (or unset DISPLAY.) Update: Leopard sets DISPLAY by default in all sessions. Since it starts with the string "/tmp/" x11vnc will use that to know if it @@ -8016,9 +8030,9 @@ minal #2) ./configure --without-x make - Win2VNC/x2vnc: One handy use is to use the [678]-nofb mode to + Win2VNC/x2vnc: One handy use is to use the [680]-nofb mode to redirect mouse and keyboard input to a nearby Mac (i.e. one to the - side of your desk) via [679]x2vnc or Win2VNC. See [680]this FAQ for + side of your desk) via [681]x2vnc or Win2VNC. See [682]this FAQ for more info. Options: Here are the Mac OS X specific x11vnc options: @@ -8029,7 +8043,7 @@ minal #2) -macnowait For the native Mac OS X server, do not wait for the user to switch back to his display. -macwheel n For the native Mac OS X server, set the mouse wheel - speed to n (default 5). + speed to n (default 5.) -macnoswap For the native Mac OS X server, do not swap mouse buttons 2 and 3. -macnoresize For the native Mac OS X server, do not resize or rese @@ -8050,7 +8064,7 @@ ct PasteBoard/Clipboard: There is a bug that the Clipboard (called PasteBoard on Mac it appears) exchange will not take place unless x11vnc was started from inside the Aqua display (e.g. started inside a - Terminal app window). Otherwise it cannot connect to the PasteBoard + Terminal app window.) Otherwise it cannot connect to the PasteBoard server. So Clipboard exchange won't work for our standard "ssh in" startup scheme. @@ -8085,20 +8099,20 @@ rm -f $tmp where you should customize the x11vnc command line to your needs and the full path to the binary. Save it in a file e.g. "start_x11vnc" and then after you SSH in just type "./start_x11vnc" (or have ssh run the - command for you). Then once you are connected via VNC, iconify the - Terminal windows (you can't delete them since that will kill x11vnc). + command for you.) Then once you are connected via VNC, iconify the + Terminal windows (you can't delete them since that will kill x11vnc.) Q-116: Can x11vnc be used as a VNC reflector/repeater to improve performance for the case of a large number of simultaneous VNC viewers (e.g. classroom broadcasting or a large demo)? - Yes, as of Feb/2007 there is the "[681]-reflect host:N" option to + Yes, as of Feb/2007 there is the "[683]-reflect host:N" option to connect to the VNC server "host:N" (either another x11vnc or any other VNC server) and re-export it. VNC viewers then connect to the x11vnc(s) running -reflect. The -reflect option is the same as: "-rawfb vnc:host:N". See the - [682]-rawfb description under "VNC HOST" for more details. + [684]-rawfb description under "VNC HOST" for more details. You can replace "host:N" with "listen" or "listen:port" for reverse connections. @@ -8150,27 +8164,27 @@ rm -f $tmp framebuffer writes (e.g. jpeg image region) then the repeater may block waiting for that large write to finish before going onto the next client (however, if the write is small enough, the kernel will - buffer it and the server can go on to service the next client). + buffer it and the server can go on to service the next client.) The x11vnc -reflect implementation uses the libvncclient library in the LibVNCServer project to handle the connection to "S". It is not currently very efficient since it simply does its normal framebuffer polling scheme on the libvncclient framebuffer (which it then - re-exports via VNC to its clients C). However, CopyRect and + re-exports via VNC to its clients C.) However, CopyRect and CursorShape encodings are preserved in the reflection and that helps. Dragging windows with the mouse can be a problem (especially if S is - not doing wireframing somehow, consider [683]-nodragging if the + not doing wireframing somehow, consider [685]-nodragging if the problem is severe) For a really fast reflector/repeater it would have to be implemented from scratch with performance in mind. See these other projects: - [684]http://sourceforge.net/projects/vnc-reflector/, - [685]http://www.tightvnc.com/projector/ (closed source?), + [686]http://sourceforge.net/projects/vnc-reflector/, + [687]http://www.tightvnc.com/projector/ (closed source?), Automation via Reverse Connections: Instead of having the R's connect directly to S and then the C's connect directly to the R they should use, some convenience can be achieved by using reverse - connections (the x11vnc "[686]"-connect host1,host2,..." option). + connections (the x11vnc "[688]"-connect host1,host2,..." option.) Suppose all the clients "C" are started up in Listen mode: client1> vncviewer -listen client2> vncviewer -listen @@ -8190,7 +8204,7 @@ rm -f $tmp vncserver> x11vnc -display :0 -connect repeater1,repeater2,...repeater8 (or instruct a non-x11vnc VNC server to reverse connect to the - repeaters). For a classroom broadcasting setup one might have the + repeaters.) For a classroom broadcasting setup one might have the first two sets of commands start automatically at bootup or when someone logs in, and then start everything up with the S server. One may even be able to script the forward connection bootstrap case, let @@ -8208,7 +8222,7 @@ rm -f $tmp Usually the OS install will have to be a network-install in order to have networking up during the install. Otherwise, you may have a (slim) chance to configure the networking manually (ifconfig(8) and - route(8)). + route(8).) To avoid library dependencies problems in the typical minimal (e.g. busybox) installation OS it is a good idea to build a statically @@ -8229,7 +8243,7 @@ rm -f $tmp If the Solaris install is an older X-based one, there will be a menu for you to get a terminal window. From that window you might be able to retrieve x11vnc.static via wget, scp, or ftp. Remember to do "chmod - 755 ./x11vnc.static" and then find the -auth file as in [687]this FAQ. + 755 ./x11vnc.static" and then find the -auth file as in [689]this FAQ. If it is a Linux install that uses an X server (e.g. SuSE and probably Fedora), then you can often get a shell by pressing Ctrl-Alt-F2 or @@ -8238,8 +8252,8 @@ rm -f $tmp wget http://192.168.0.22/x11vnc.static chmod 755 ./x11vnc.static - Find the name of the auth file as in [688]this FAQ. (maybe run "ps - wwwwaux | grep auth"). Then run it like this: + Find the name of the auth file as in [690]this FAQ. (maybe run "ps + wwwwaux | grep auth".) Then run it like this: ./x11vnc.static -forever -nopw -display :0 -auth /tmp/wherever/the/authfile then press Alt-F7 to go back to the X install. You should now be able @@ -8247,7 +8261,7 @@ rm -f $tmp the display being :1, etc. If there is a firewall blocking incoming connections during the - install, use the [689]"-connect hostname" option option for a reverse + install, use the [691]"-connect hostname" option option for a reverse connection to the hostname running the VNC viewer in listen mode. Debian based installs are either console-text or console-framebuffer @@ -8295,12 +8309,12 @@ rm -f $tmp As of Jan/2004 x11vnc supports the "CutText" part of the rfb protocol. Furthermore, x11vnc is able to hold the PRIMARY and CLIPBOARD - selection (Xvnc does not seem to do this). If you don't want the - Clipboard/Selection exchanged use the [690]-nosel option. If you don't + selection (Xvnc does not seem to do this.) If you don't want the + Clipboard/Selection exchanged use the [692]-nosel option. If you don't want the PRIMARY selection to be polled for changes use the - [691]-noprimary option. (with a similar thing for CLIPBOARD). You can - also fine-tune it a bit with the [692]-seldir dir option and also - [693]-input. + [693]-noprimary option. (with a similar thing for CLIPBOARD.) You can + also fine-tune it a bit with the [694]-seldir dir option and also + [695]-input. You may need to watch out for desktop utilities such as KDE's "Klipper" that do odd things with the selection, clipboard, and @@ -8312,7 +8326,7 @@ rm -f $tmp Yes, it is possible with a number of tools that record VNC and transform it to swf format or others. One such popular tool is - [694]pyvnc2swf. There are a number of [695]tutorials (broken link?) on + [696]pyvnc2swf. There are a number of [697]tutorials (broken link?) on how to do this. Another option is to use the vnc2mpg that comes in the LibVNCServer package. An important thing to remember when doing this is that tuning @@ -8325,19 +8339,19 @@ rm -f $tmp and UltraVNC file transfer implementations that were added to libvncserver. This currently works with TightVNC and UltraVNC viewers (and Windows viewers only support filetransfer it appears... but they - do work to some degree under Wine on Linux). + do work to some degree under Wine on Linux.) - The [696]SSVNC Unix VNC viewer supports UltraVNC file transfer by use + The [698]SSVNC Unix VNC viewer supports UltraVNC file transfer by use of a Java helper program. TightVNC file transfer is off by default, if you want to enable it use - the [697]-tightfilexfer option. + the [699]-tightfilexfer option. UltraVNC file transfer is off by default, to enable it use something like "-rfbversion 3.6 -permitfiletransfer" options (UltraVNC incorrectly uses the RFB protocol version to determine if its features are available, so x11vnc has to pretend to - be version 3.6). As of Sep/2006 "-ultrafilexfer" is an alias for these + be version 3.6.) As of Sep/2006 "-ultrafilexfer" is an alias for these two options. Note that running as RFB version 3.6 may confuse other VNC Viewers. @@ -8349,12 +8363,12 @@ rm -f $tmp implemented, you cannot do Tightvnc file transfer in -unixpw mode. However, UltraVNC file transfer does work in -unixpw (but if a client tries it do a filetransfer during the login process it will be - disconnected). + disconnected.) IMPORTANT: please understand if -ultrafilexfer or -tightfilexfer is specified and you run x11vnc as root for, say, inetd or display manager (gdm, kdm, ...) access and you do not have it switch users via - the [698]-users option, then VNC Viewers that connect are able to do + the [700]-users option, then VNC Viewers that connect are able to do filetransfer reads and writes as *root*. The UltraVNC and TightVNC settings can be toggled on and off inside @@ -8373,7 +8387,7 @@ rm -f $tmp these extensions you will need to supply this option to x11vnc: -rfbversion 3.6 - Or use [699]-ultrafilexfer which is an alias for the above option and + Or use [701]-ultrafilexfer which is an alias for the above option and "-permitfiletransfer". UltraVNC evidently treats any other RFB version number as non-UltraVNC. @@ -8385,14 +8399,14 @@ rm -f $tmp * 1/n Server Scaling * rfbEncodingUltra compression encoding - The [700]SSVNC Unix VNC viewer supports these UltraVNC extensions. + The [702]SSVNC Unix VNC viewer supports these UltraVNC extensions. - To disable SingleWindow and ServerInput use [701]-noultraext (the - others are managed by LibVNCServer). See this option too: - [702]-noserverdpms. + To disable SingleWindow and ServerInput use [703]-noultraext (the + others are managed by LibVNCServer.) See this option too: + [704]-noserverdpms. - Also, the [703]UltraVNC repeater proxy is supported for use with - reverse connections: "[704]-connect repeater://host:port+ID:NNNN". Use + Also, the [705]UltraVNC repeater proxy is supported for use with + reverse connections: "[706]-connect repeater://host:port+ID:NNNN". Use it for both plaintext and SSL connections. This mode can send any string before switching to the VNC protocol, and so could be used with other proxy/gateway tools. @@ -8403,17 +8417,17 @@ rm -f $tmp reverse vnc connection from their Unix desktop to a helpdesk operator's VNC Viewer. - Yes, UltraVNC's [705]Single Click (SC) mode can be emulated fairly + Yes, UltraVNC's [707]Single Click (SC) mode can be emulated fairly well on Unix. We use the term "helpdesk" below, but it could be any sort of remote assistance you want to set up, e.g. something for Unix-using friends - or family to use. This includes [706]Mac OS X. + or family to use. This includes [708]Mac OS X. Assume you create a helpdesk directory "hd" on your website: http://www.mysite.com/hd (any website that you can upload files to should work, although remember the user will be running the programs - you place there). + you place there.) In that "hd" subdirectory copy an x11vnc binary to be run on the Unix user's machine (e.g. Linux, etc) and also create a file named "vnc" @@ -8458,13 +8472,13 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc and then press Enter. You could have this instruction on a web page or in an email you send him, etc. This requires that the wget is installed on the user's Unix machine (he might only have curl or lynx, - see below for more info). + see below for more info.) So I guess this is about 3-4 clicks (start a terminal and paste) and pressing "Enter" instead of "single click"... - See [707]this page for some variations on this method, e.g. how to add + See [709]this page for some variations on this method, e.g. how to add a password, SSL Certificates, etc. @@ -8476,11 +8490,11 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc A bit of obscurity security could be put in with a -passwd, -rfbauth options, etc. (note that x11vnc will require a password even for - reverse connections). More info [708]here. + reverse connections.) More info [710]here. Firewalls: If the helpdesk (you) with the vncviewer is behind a - NAT/Firewall/Router the [709]router will have to be configured to + NAT/Firewall/Router the [711]router will have to be configured to redirect a port (i.e. 5500 or maybe different one if you like) to the vncviewer machine. If the vncviewer machine also has its own host-level firewall, you will have to open up the port there as well. @@ -8488,9 +8502,9 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc NAT-2-NAT: There is currently no way to go "NAT-2-NAT", i.e. both User and Helpdesk workstations behind NAT'ing Firewall/Routers without configuring a router to do a port redirection (i.e. on your side, the - HelpDesk). To avoid modifying either firewall/router, one would need + HelpDesk.) To avoid modifying either firewall/router, one would need some public (IP address reachable on the internet) redirection/proxy - service. Perhaps such a thing exists. [710]http://sc.uvnc.com provides + service. Perhaps such a thing exists. [712]http://sc.uvnc.com provides this service for their UltraVNC Single Click users. @@ -8502,7 +8516,7 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc above wget line) and prompt the user if he wants to run it. This may be tricky to set up (which is probably a good thing to not have the web browser readily run arbitrary programs downloaded from the - internet...). + internet...) One command-line free way, tested with KDE, is to name the file vnc.sh and then instruct the user to right-click on the link and do "Save @@ -8526,7 +8540,7 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc As of Apr/2007 x11vnc supports reverse connections in SSL and so we can do this. On the Helpdesk side (Viewer) you will need STUNNEL or - better use the [711]Enhanced TightVNC Viewer (SSVNC) package we + better use the [713]Enhanced TightVNC Viewer (SSVNC) package we provide that automates all of the SSL for you. To do this create a file named "vncs" in the website "hd" directory @@ -8556,20 +8570,20 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc with the hostnames or IP addresses customized to your case. - The only change from the "vnc" above is the addition of the [712]-ssl + The only change from the "vnc" above is the addition of the [714]-ssl option to x11vnc. This will create a temporary SSL cert: openssl(1) will need to be installed on the user's end. A fixed SSL cert file could be used to avoid this (and provide some authentication; more - info [713]here.) + info [715]here.) The naive user will be doing this: wget -qO - http://www.mysite.com/hd/vncs | sh - - (or perhaps even use https:// if available). + (or perhaps even use https:// if available.) But before that, the helpdesk operator needs to have "vncviewer -listen" running as before, however he needs an SSL tunnel at his end. - The easiest way to do this is use [714]Enhanced TightVNC Viewer + The easiest way to do this is use [716]Enhanced TightVNC Viewer (SSVNC). Start it, and select Options -> 'Reverse VNC Connection (-listen)'. Then UN-select 'Verify All Certs' (this can be enabled later if you want; you'll need the x11vnc SSL certificate), and click @@ -8588,9 +8602,9 @@ connect = localhost:5501 stunnel ./stunnel.cfg and then start the "vncviewer -listen 1" (i.e. 1 to correspond to the - 5501 port). Note that this assumes the stunnel install created a + 5501 port.) Note that this assumes the stunnel install created a Server SSL cert+key, usually /etc/stunnel/stunnel.pem (not all distros - will do this). Also, that file is by default only readable by root, so + will do this.) Also, that file is by default only readable by root, so stunnel needs to be run as root. If your system does not have a key installed or you do not want to run stunnel as root (or change the permissions on the file), you can use x11vnc to create one for you for @@ -8599,7 +8613,7 @@ connect = localhost:5501 answer the prompts with whatever you want; you can take the default for all of them if you like. The openssl(1) package must be installed. - See [715]this link and [716]this one too for more info on SSL certs. + See [717]this link and [718]this one too for more info on SSL certs. This creates $HOME/.vnc/certs/server-self:mystunnel.pem, then you would change the "stunnel.cfg" to look something like: foreground = yes @@ -8620,7 +8634,7 @@ connect = localhost:5501 then all bets are off!. More SSL variations and info about certificates can be found - [717]here. + [719]here. OpenSSL libssl.so.0.9.7 problems: @@ -8630,7 +8644,7 @@ connect = localhost:5501 distros are currently a bit of a mess regarding which version of libssl is installed. - You will find the [718]details here. + You will find the [720]details here. Q-123: Can I (temporarily) mount my local (viewer-side) Windows/Samba @@ -8639,7 +8653,7 @@ connect = localhost:5501 You will have to use an external network redirection for this. Filesystem mounting is not part of the VNC protocol. - We show a simple [719]Samba example here. + We show a simple [721]Samba example here. First you will need a tunnel to redirect the SMB requests from the remote machine to the one you sitting at. We use an ssh tunnel: @@ -8652,11 +8666,11 @@ connect = localhost:5501 Port 139 is the Windows Service port. For Windows systems instead of Samba, you may need to use the actual IP address of the Window machine instead of "localhost" in the -R option (since the Windows service - does not listen on localhost by default). + does not listen on localhost by default.) Note that we use 1139 instead of 139 on the remote side because 139 would require root permission to listen on (and you may have a samba - server running on it already). + server running on it already.) The ssh -C is to enable compression, which might speed up the data transfers. @@ -8672,15 +8686,15 @@ connect = localhost:5501 far-away> smbmount //haystack/pub /home/fred/smb-haystack-pub -o username=fre d,ip=127.0.0.1,port=1139 - (The 2nd command may need to be run as root). Then run "df" or "ls -l + (The 2nd command may need to be run as root.) Then run "df" or "ls -l /home/fred/smb-haystack-pub" to see if it is mounted properly. Consult the smbmount(8) and related documentation (it may require some - fiddling to get write permissions correct, etc.). To unmount: + fiddling to get write permissions correct, etc.) To unmount: far-away> smbumount /home/fred/smb-haystack-pub At some point we hope to fold some automation for SMB ssh redir setup - into the [720]Enhanced TightVNC Viewer (SSVNC) package we provide (as - of Sep 2006 it is there for testing). + into the [722]Enhanced TightVNC Viewer (SSVNC) package we provide (as + of Sep 2006 it is there for testing.) Q-124: Can I redirect CUPS print jobs from the remote desktop where @@ -8689,10 +8703,10 @@ d,ip=127.0.0.1,port=1139 You will have to use an external network redirection for this. Printing is not part of the VNC protocol. - We show a simple Unix to Unix [721]CUPS example here. Non-CUPS port + We show a simple Unix to Unix [723]CUPS example here. Non-CUPS port redirections (e.g. LPD) should also be possible, but may be a bit more tricky. If you are viewing on Windows SMB and don't have a local cups - server it may be trickier still (see below). + server it may be trickier still (see below.) First you will need a tunnel to redirect the print requests from the remote machine to the one you sitting at. We use an ssh tunnel: @@ -8709,7 +8723,7 @@ d,ip=127.0.0.1,port=1139 Note that we use 6631 instead of 631 on the remote side because 631 would require root permission to listen on (and you likely have a cups - server running on it already). + server running on it already.) Now the tricky part: to get applications to notice your cups server/printer on localhost:6631. @@ -8720,8 +8734,8 @@ d,ip=127.0.0.1,port=1139 Printing -> Printing Manager, and then supply admin password, and then Add Printer/Class, and then fill in the inquisitive wizard. Most important is the "Remote IPP server" panel where you put in localhost - for Host and 6631 for Port). The main setting you want to convey is - the host is localhost and the port is non-standard (e.g. 6631). Some + for Host and 6631 for Port.) The main setting you want to convey is + the host is localhost and the port is non-standard (e.g. 6631.) Some configuration utilities will take an Internet Printing Protocol (IPP) URI, e.g. http://localhost:6631/printers/, ipp://localhost:6631/printers/printer-name, @@ -8740,7 +8754,7 @@ d,ip=127.0.0.1,port=1139 operation. Unfortunately, running applications may need to be restarted to notice - the new printers (libcups does not track changes in client.conf). + the new printers (libcups does not track changes in client.conf.) Depending on circumstances, a running application may actually notice the new printers without restarting (e.g. no print dialog has taken place yet, or there are no CUPS printers configured on the remote @@ -8748,7 +8762,7 @@ d,ip=127.0.0.1,port=1139 Cups client software that is older (1.1) does not support appending the port number, and for newer ones there is a bug preventing it from - always working (fixed in 1.2.3). Kludges like these at the command + always working (fixed in 1.2.3.) Kludges like these at the command line will work: far-away> env CUPS_SERVER=localhost IPP_PORT=6631 lpstat -p -d far-away> env CUPS_SERVER=localhost IPP_PORT=6631 lpr -P myprinter file.ps @@ -8756,7 +8770,7 @@ d,ip=127.0.0.1,port=1139 but are somewhat awkward since you have to retroactively set the env. var IPP_PORT. Its value cannot be broadcast to already running apps - (like the $HOME/.cups/client.conf trick sometimes does). A common + (like the $HOME/.cups/client.conf trick sometimes does.) A common workaround for an already running app is to somehow get it to "Print To File", e.g. file.ps and then use something like the lpr example above. Also, the option "-h host:port" works with CUPS lp(1) and @@ -8766,13 +8780,13 @@ d,ip=127.0.0.1,port=1139 this with the smbspool(8) command, or configure the remote CUPS via lpadmin(8), etc, to use a printer URI something like smb://machine:port/printer (this may have some name resolution - problems WRT localhost). Also, as with SMB mounting, the port redir + problems WRT localhost.) Also, as with SMB mounting, the port redir (-R) to the Windows machine must use the actual IP address instead of "localhost". At some point we hope to fold some automation for CUPS ssh redir setup - into the [722]Enhanced TightVNC Viewer (SSVNC) package we provide (as - of Sep 2006 it is there for testing). + into the [724]Enhanced TightVNC Viewer (SSVNC) package we provide (as + of Sep 2006 it is there for testing.) Q-125: How can I hear the sound (audio) from the remote applications @@ -8783,7 +8797,7 @@ d,ip=127.0.0.1,port=1139 We show a simple Unix to Unix esd example here (artsd should be possible too, we have also verified the esd Windows port works for the - method described below). + method described below.) First you will need a tunnel to redirect the audio from the remote machine to the one you sitting at. We use an ssh tunnel: @@ -8796,7 +8810,7 @@ way.east 'x11vnc -localhost -display :0' Port 16001 is the default ESD uses. So when an application on the remote desktop makes a sound it will connect to this tunnel and be redirected to port 16001 on the local machine (sitting-here in this - example). The -C option is an attempt to compress the audio a little + example.) The -C option is an attempt to compress the audio a little bit. So we next need a local (sitting-here) esd daemon running that will @@ -8804,7 +8818,7 @@ way.east 'x11vnc -localhost -display :0' sitting-here> esd -promiscuous -port 16001 -tcp -bind 127.0.0.1 See the esd(1) man page for the meaning of the options (the above are - not very secure). (This method also works with the EsounD windows port + not very secure.) (This method also works with the EsounD windows port esd.exe) To test this sound tunnel, we use the esdplay program to play a simple @@ -8821,11 +8835,11 @@ way.east 'x11vnc -localhost -display :0' Then you could try playing some sounds inside xmms. You could also set the environment variable ESPEAKER=localhost:16001 to not need to supply the -s option all the time. (for reasons not clear, sometimes - esddsp can figure it out on its own). All the script esddsp does is to + esddsp can figure it out on its own.) All the script esddsp does is to set ESPEAKER and LD_PRELOAD for you so that when the application opens the sound device (usually /dev/dsp) its interactions with the device will be intercepted and sent to the esd daemon running on sitting-here - (that in turn writes them to the real, local /dev/dsp). + (that in turn writes them to the real, local /dev/dsp.) Redirecting All sound: @@ -8837,7 +8851,7 @@ way.east 'x11vnc -localhost -display :0' Here is one way to redirect all sound. The idea is we run the entire desktop with sound directed to localhost:16001. When we are sitting at far-away.east we run "esd -promiscuous -port 16001 -tcp -bind - 127.0.0.1" on far-away.east (to be able to hear the sound). However, + 127.0.0.1" on far-away.east (to be able to hear the sound.) However, when we are sitting at sitting-here.west we kill that esd process and run that same esd command on sitting-here.west and start up the above ssh tunnel. This is a little awkward, but with some scripts one would @@ -8852,7 +8866,7 @@ or: esddsp -s localhost:16001 startkde where the last part is whatever command starts your desktop (even - fvwm2). This causes the environment variables ESPEAKER and LD_PRELOAD + fvwm2.) This causes the environment variables ESPEAKER and LD_PRELOAD to be set appropriately and every application (processes with the desktop as an ancestor) will use them. If this scheme works well you can make it less klunky by adding the command to your ~/.xsession, @@ -8872,8 +8886,8 @@ or: the applications will fail to run because LD_PRELOAD will point to libraries of the wrong wordsize. * At some point we hope to fold some automation for esd or artsd ssh - redir setup into the [723]Enhanced TightVNC Viewer (SSVNC) package - we provide (as of Sep/2006 it is there for testing). + redir setup into the [725]Enhanced TightVNC Viewer (SSVNC) package + we provide (as of Sep/2006 it is there for testing.) Q-126: Why don't I hear the "Beeps" in my X session (e.g. when typing @@ -8884,23 +8898,23 @@ or: in Solaris, see Xserver(1) for how to turn it on via +kb), and so you won't hear them if the extension is not present. - If you don't want to hear the beeps use the [724]-nobell option. If + If you don't want to hear the beeps use the [726]-nobell option. If you want to hear the audio from the remote applications, consider - trying a [725]redirector such as esd. + trying a [727]redirector such as esd. Q-127: Does x11vnc work with IPv6? - Currently the only way to do this is via [726]inetd. You configure + Currently the only way to do this is via [728]inetd. You configure x11vnc to be run from inetd or xinetd and instruct it to listen on an IPv6 address. For xinetd the setting "flags = IPv6" will be needed. Unfortunately this will be inefficient if multiple VNC Viewers are connected at the same time (there will be a separate x11vnc for each - connection). Some sort of ipv4-to-ipv6 redirector tool (perhaps even a + connection.) Some sort of ipv4-to-ipv6 redirector tool (perhaps even a perl script) could be useful to avoid this. - Also note that not all VNC Viewers are [727]IPv6 enabled, so a + Also note that not all VNC Viewers are [729]IPv6 enabled, so a redirector could even be needed on the client side. @@ -9289,362 +9303,364 @@ References 369. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpport 370. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https 371. http://www.karlrunge.com/x11vnc/ssl-output.html - 372. http://www.karlrunge.com/x11vnc/ssvnc.html - 373. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-ext - 374. http://www.karlrunge.com/x11vnc/ss_vncviewer - 375. http://www.karlrunge.com/x11vnc/ssl-portal.html - 376. http://www.karlrunge.com/x11vnc/ssl.html - 377. http://www.karlrunge.com/x11vnc/ssvnc.html - 378. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir - 379. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers - 380. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer - 381. http://www.karlrunge.com/x11vnc/ssvnc.html - 382. http://www.karlrunge.com/x11vnc/ssl-portal.html - 383. http://www.karlrunge.com/x11vnc/ssl.html - 384. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously - 385. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd - 386. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin - 387. http://www.karlrunge.com/x11vnc/faq.html#infaq_x11vnc_loop - 388. http://club.mandriva.com/xwiki/bin/view/KB/XwinXset - 389. http://www.karlrunge.com/x11vnc/index.html#firewalls - 390. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 391. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen - 392. http://www.karlrunge.com/x11vnc/faq.html#infaq_dtlogin_solaris - 393. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 394. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 372. http://www.karlrunge.com/x11vnc/java_console_direct.html + 373. http://www.karlrunge.com/x11vnc/ssvnc.html + 374. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-ext + 375. http://www.karlrunge.com/x11vnc/ss_vncviewer + 376. http://www.karlrunge.com/x11vnc/ssl-portal.html + 377. http://www.karlrunge.com/x11vnc/ssl.html + 378. http://www.karlrunge.com/x11vnc/ssvnc.html + 379. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir + 380. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers + 381. http://www.karlrunge.com/x11vnc/java_console_proxy.html + 382. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer + 383. http://www.karlrunge.com/x11vnc/ssvnc.html + 384. http://www.karlrunge.com/x11vnc/ssl-portal.html + 385. http://www.karlrunge.com/x11vnc/ssl.html + 386. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously + 387. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd + 388. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + 389. http://www.karlrunge.com/x11vnc/faq.html#infaq_x11vnc_loop + 390. http://club.mandriva.com/xwiki/bin/view/KB/XwinXset + 391. http://www.karlrunge.com/x11vnc/index.html#firewalls + 392. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 393. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen + 394. http://www.karlrunge.com/x11vnc/faq.html#infaq_dtlogin_solaris 395. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 396. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 397. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N - 398. http://www.jirka.org/gdm-documentation/x241.html - 399. http://www.karlrunge.com/x11vnc/x11vnc_loop - 400. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 401. http://www.karlrunge.com/x11vnc/faq.html#faq-xterminal-xauth - 402. http://www.karlrunge.com/x11vnc/index.html#firewalls - 403. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd - 404. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q, - 405. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 406. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin - 407. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi - 408. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-mdns - 409. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf - 410. http://www.avahi.org/ - 411. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd - 412. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 413. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 414. http://www.karlrunge.com/x11vnc/faq.html#infaq_stunnel-inetd - 415. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 416. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 417. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 418. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 419. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 420. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 421. http://www.karlrunge.com/x11vnc/find_display.html - 422. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 423. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 424. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 425. http://www.karlrunge.com/x11vnc/faq.html#faq-unix-passwords - 426. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 427. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 428. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int - 429. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 430. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 431. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 432. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb - 433. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer - 434. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 435. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 436. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 437. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 438. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 439. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 440. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 441. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 442. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir - 443. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http - 444. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy - 445. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 446. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote - 447. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit - 448. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vncconnect - 449. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy - 450. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy + 396. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 397. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 398. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 399. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N + 400. http://www.jirka.org/gdm-documentation/x241.html + 401. http://www.karlrunge.com/x11vnc/x11vnc_loop + 402. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 403. http://www.karlrunge.com/x11vnc/faq.html#faq-xterminal-xauth + 404. http://www.karlrunge.com/x11vnc/index.html#firewalls + 405. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd + 406. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q, + 407. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 408. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + 409. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi + 410. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-mdns + 411. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf + 412. http://www.avahi.org/ + 413. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd + 414. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 415. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 416. http://www.karlrunge.com/x11vnc/faq.html#infaq_stunnel-inetd + 417. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 418. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 419. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 420. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 421. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 422. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 423. http://www.karlrunge.com/x11vnc/find_display.html + 424. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 425. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 426. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 427. http://www.karlrunge.com/x11vnc/faq.html#faq-unix-passwords + 428. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 429. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 430. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int + 431. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 432. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 433. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 434. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 435. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer + 436. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 437. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 438. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 439. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 440. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 441. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 442. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 443. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 444. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir + 445. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http + 446. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy + 447. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 448. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote + 449. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit + 450. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vncconnect 451. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy - 452. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess - 453. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess - 454. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 455. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 456. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 457. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 458. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 459. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 460. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms - 461. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 462. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 463. http://www.karlrunge.com/x11vnc/Xdummy - 464. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 465. http://www.karlrunge.com/x11vnc/xdm_one_shot.html - 466. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously - 467. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 469. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 470. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 471. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 472. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 473. http://www.karlrunge.com/x11vnc/shm_clear - 474. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 475. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm - 476. http://www.karlrunge.com/x11vnc/faq.html#faq-noshm - 477. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nap - 478. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 479. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sb - 480. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 481. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs - 482. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads - 483. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 484. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 485. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 486. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc - 487. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 488. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 489. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 490. http://www.tightvnc.com/ - 491. http://www.karlrunge.com/x11vnc/ssvnc.html - 492. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 493. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 494. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 495. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-speeds - 496. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging - 497. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs - 498. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 499. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 500. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-progressive - 501. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 502. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel - 503. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor - 504. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos - 505. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-readtimeout - 506. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen - 507. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 508. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_area - 509. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_mem - 510. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 511. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 512. http://minimyth.org/ - 513. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl - 514. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 515. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 516. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 517. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 452. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy + 453. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy + 454. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess + 455. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess + 456. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 457. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 458. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 459. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 460. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 461. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 462. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 463. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 464. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 465. http://www.karlrunge.com/x11vnc/Xdummy + 466. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 467. http://www.karlrunge.com/x11vnc/xdm_one_shot.html + 468. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously + 469. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 470. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 471. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 472. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 473. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 474. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 475. http://www.karlrunge.com/x11vnc/shm_clear + 476. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile + 477. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm + 478. http://www.karlrunge.com/x11vnc/faq.html#faq-noshm + 479. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nap + 480. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 481. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sb + 482. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile + 483. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs + 484. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads + 485. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 486. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 487. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 488. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc + 489. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 490. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 491. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 492. http://www.tightvnc.com/ + 493. http://www.karlrunge.com/x11vnc/ssvnc.html + 494. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 495. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 496. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 497. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-speeds + 498. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 499. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs + 500. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 501. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 502. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-progressive + 503. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 504. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel + 505. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor + 506. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos + 507. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-readtimeout + 508. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen + 509. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 510. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_area + 511. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_mem + 512. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 513. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 514. http://minimyth.org/ + 515. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl + 516. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 517. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode 518. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 519. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads - 520. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe - 521. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect - 522. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode - 523. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 524. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 525. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 519. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 520. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode + 521. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads + 522. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe + 523. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect + 524. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode + 525. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow 526. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 527. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 528. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 529. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 530. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wirecopyrect - 531. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe - 532. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen - 533. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scr_skip - 534. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale - 535. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 536. http://www.karlrunge.com/x11vnc/index.html#beta-test - 537. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache - 538. http://www.karlrunge.com/x11vnc/ssvnc.html - 539. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop - 540. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_no_rootpixmap - 541. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr - 542. http://www.virtualgl.org/About/TurboVNC - 543. http://www.virtualgl.org/ - 544. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100 - 545. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 546. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 547. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100 - 548. http://www.karlrunge.com/x11vnc/ssvnc.html - 549. http://www.karlrunge.com/x11vnc/bins + 527. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 528. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 529. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 530. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 531. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 532. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wirecopyrect + 533. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe + 534. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen + 535. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scr_skip + 536. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale + 537. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 538. http://www.karlrunge.com/x11vnc/index.html#beta-test + 539. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache + 540. http://www.karlrunge.com/x11vnc/ssvnc.html + 541. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop + 542. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_no_rootpixmap + 543. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr + 544. http://www.virtualgl.org/About/TurboVNC + 545. http://www.virtualgl.org/ + 546. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100 + 547. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 548. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 549. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100 550. http://www.karlrunge.com/x11vnc/ssvnc.html - 551. http://www.virtualgl.org/About/Reports - 552. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 553. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor - 554. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor - 555. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay - 556. http://www.karlrunge.com/x11vnc/faq.html#infaq_the-overlay-mode - 557. http://www.karlrunge.com/x11vnc/index.html#solaris10-build - 558. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks - 559. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphacut - 560. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphafrac - 561. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alpharemove - 562. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape - 563. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noalphablend - 564. http://www.karlrunge.com/x11vnc/ssvnc.html - 565. http://www.tightvnc.com/ - 566. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor - 567. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursorpos - 568. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos - 569. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape - 570. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap - 571. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_pointer + 551. http://www.karlrunge.com/x11vnc/bins + 552. http://www.karlrunge.com/x11vnc/ssvnc.html + 553. http://www.virtualgl.org/About/Reports + 554. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 555. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor + 556. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor + 557. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay + 558. http://www.karlrunge.com/x11vnc/faq.html#infaq_the-overlay-mode + 559. http://www.karlrunge.com/x11vnc/index.html#solaris10-build + 560. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks + 561. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphacut + 562. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphafrac + 563. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alpharemove + 564. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape + 565. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noalphablend + 566. http://www.karlrunge.com/x11vnc/ssvnc.html + 567. http://www.tightvnc.com/ + 568. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor + 569. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursorpos + 570. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos + 571. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape 572. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap - 573. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 574. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless - 575. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak - 576. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard - 577. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 578. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 579. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys - 580. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 581. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 582. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 583. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak - 584. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard - 585. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless - 586. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 587. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys - 588. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 589. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 590. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 591. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_keycodes - 592. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 593. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 573. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_pointer + 574. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap + 575. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 576. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless + 577. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak + 578. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard + 579. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 580. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 581. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys + 582. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 583. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 584. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 585. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak + 586. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard + 587. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless + 588. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 589. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys + 590. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 591. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 592. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 593. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_keycodes 594. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 595. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 596. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms - 597. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat - 598. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat - 599. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager - 600. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_mods - 601. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 602. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock - 603. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys - 604. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock - 605. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all - 606. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 607. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 608. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak + 595. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 596. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 597. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 598. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 599. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat + 600. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat + 601. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager + 602. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_mods + 603. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 604. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock + 605. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys + 606. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock + 607. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all + 608. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap 609. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 610. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 611. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys + 610. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak + 611. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap 612. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 613. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak - 614. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock - 615. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all - 616. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling - 617. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale - 618. http://people.pwf.cam.ac.uk/ssb22/setup/vnc-magnification.html - 619. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport - 620. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui - 621. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 622. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale_cursor - 623. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-blackout - 624. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama - 625. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama - 626. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer - 627. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer - 628. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm - 629. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 630. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm - 631. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip - 632. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama - 633. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 634. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 635. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr - 636. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-padgeom - 637. http://www.karlrunge.com/x11vnc/ssvnc.html - 638. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate - 639. http://www.jwz.org/xscreensaver/man1.html - 640. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms - 641. http://www.beryl-project.org/ - 642. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 643. http://www.dslinux.org/blogs/pepsiman/?p=73 - 644. http://minimyth.org/ - 645. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 646. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb + 613. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys + 614. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 615. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak + 616. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock + 617. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all + 618. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling + 619. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale + 620. http://people.pwf.cam.ac.uk/ssb22/setup/vnc-magnification.html + 621. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport + 622. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui + 623. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 624. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale_cursor + 625. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-blackout + 626. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama + 627. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama + 628. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer + 629. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer + 630. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm + 631. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile + 632. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm + 633. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip + 634. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama + 635. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 636. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 637. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr + 638. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-padgeom + 639. http://www.karlrunge.com/x11vnc/ssvnc.html + 640. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate + 641. http://www.jwz.org/xscreensaver/man1.html + 642. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms + 643. http://www.beryl-project.org/ + 644. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 645. http://www.dslinux.org/blogs/pepsiman/?p=73 + 646. http://minimyth.org/ 647. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 648. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 649. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 650. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 651. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 652. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb - 653. http://www.karlrunge.com/x11vnc/faq.html#faq-video - 654. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb - 655. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded - 656. http://www.karlrunge.com/x11vnc/faq.html#faq-video - 657. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 648. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb + 649. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 650. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 651. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 652. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 653. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 654. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb + 655. http://www.karlrunge.com/x11vnc/faq.html#faq-video + 656. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 657. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded 658. http://www.karlrunge.com/x11vnc/faq.html#faq-video - 659. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 660. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded - 661. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware - 662. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 663. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb - 664. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb - 665. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32 - 666. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 667. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-slow_fb - 668. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 669. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-freqtab - 670. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb - 671. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 672. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 673. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 674. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 675. http://www.testplant.com/products/vine_server/OS_X - 676. http://www.apple.com/remotedesktop/ - 677. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 678. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 679. http://fredrik.hubbe.net/x2vnc.html - 680. http://www.karlrunge.com/x11vnc/faq.html#faq-win2vnc - 681. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect - 682. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 683. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging - 684. http://sourceforge.net/projects/vnc-reflector/ - 685. http://www.tightvnc.com/projector/ - 686. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 687. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager - 688. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager - 689. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 690. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel - 691. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noprimary - 692. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-seldir - 693. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input - 694. http://www.unixuser.org/~euske/vnc2swf/ - 695. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/ - 696. http://www.karlrunge.com/x11vnc/ssvnc.html - 697. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-tightfilexfer - 698. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 699. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer - 700. http://www.karlrunge.com/x11vnc/ssvnc.html - 701. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noultraext - 702. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms - 703. http://www.uvnc.com/addons/repeater.html - 704. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 705. http://www.uvnc.com/addons/singleclick.html - 706. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx - 707. http://www.karlrunge.com/x11vnc/single-click.html - 708. http://www.karlrunge.com/x11vnc/single-click.html - 709. http://www.karlrunge.com/x11vnc/index.html#firewalls - 710. http://sc.uvnc.com/ - 711. http://www.karlrunge.com/x11vnc/ssvnc.html - 712. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 713. http://www.karlrunge.com/x11vnc/single-click.html - 714. http://www.karlrunge.com/x11vnc/ssvnc.html + 659. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 660. http://www.karlrunge.com/x11vnc/faq.html#faq-video + 661. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 662. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded + 663. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware + 664. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 665. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb + 666. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb + 667. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32 + 668. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 669. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-slow_fb + 670. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 671. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-freqtab + 672. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb + 673. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 674. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 675. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 676. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 677. http://www.testplant.com/products/vine_server/OS_X + 678. http://www.apple.com/remotedesktop/ + 679. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 680. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 681. http://fredrik.hubbe.net/x2vnc.html + 682. http://www.karlrunge.com/x11vnc/faq.html#faq-win2vnc + 683. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect + 684. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 685. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 686. http://sourceforge.net/projects/vnc-reflector/ + 687. http://www.tightvnc.com/projector/ + 688. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 689. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager + 690. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager + 691. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 692. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel + 693. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noprimary + 694. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-seldir + 695. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input + 696. http://www.unixuser.org/~euske/vnc2swf/ + 697. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/ + 698. http://www.karlrunge.com/x11vnc/ssvnc.html + 699. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-tightfilexfer + 700. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 701. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer + 702. http://www.karlrunge.com/x11vnc/ssvnc.html + 703. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noultraext + 704. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms + 705. http://www.uvnc.com/addons/repeater.html + 706. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 707. http://www.uvnc.com/addons/singleclick.html + 708. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx + 709. http://www.karlrunge.com/x11vnc/single-click.html + 710. http://www.karlrunge.com/x11vnc/single-click.html + 711. http://www.karlrunge.com/x11vnc/index.html#firewalls + 712. http://sc.uvnc.com/ + 713. http://www.karlrunge.com/x11vnc/ssvnc.html + 714. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl 715. http://www.karlrunge.com/x11vnc/single-click.html - 716. http://www.karlrunge.com/x11vnc/ssl.html + 716. http://www.karlrunge.com/x11vnc/ssvnc.html 717. http://www.karlrunge.com/x11vnc/single-click.html - 718. http://www.karlrunge.com/x11vnc/single-click.html#libssl-problems - 719. http://www.samba.org/ - 720. http://www.karlrunge.com/x11vnc/ssvnc.html - 721. http://www.cups.org/ + 718. http://www.karlrunge.com/x11vnc/ssl.html + 719. http://www.karlrunge.com/x11vnc/single-click.html + 720. http://www.karlrunge.com/x11vnc/single-click.html#libssl-problems + 721. http://www.samba.org/ 722. http://www.karlrunge.com/x11vnc/ssvnc.html - 723. http://www.karlrunge.com/x11vnc/ssvnc.html - 724. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell - 725. http://www.karlrunge.com/x11vnc/faq.html#faq-sound - 726. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd - 727. http://jungla.dit.upm.es/~acosta/paginas/vncIPv6.html + 723. http://www.cups.org/ + 724. http://www.karlrunge.com/x11vnc/ssvnc.html + 725. http://www.karlrunge.com/x11vnc/ssvnc.html + 726. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell + 727. http://www.karlrunge.com/x11vnc/faq.html#faq-sound + 728. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd + 729. http://jungla.dit.upm.es/~acosta/paginas/vncIPv6.html ======================================================================= http://www.karlrunge.com/x11vnc/chainingssh.html: @@ -10660,9 +10676,9 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html: Background: The typical way to allow access to x11vnc (or any other VNC server) - running on workstations inside a firewall is via SSH. The user - somewhere out on the Internet logs in to the SSH gateway machine and - uses port forwarding (e.g. ssh -t -L 5900:myworkstation:5900 + running on multiple workstations inside a firewall is via SSH. The + user somewhere out on the Internet logs in to the SSH gateway machine + and uses port forwarding (e.g. ssh -t -L 5900:myworkstation:5900 user@gateway) to set up the encrypted channel that VNC is then tunneled through. Next he starts up the VNC viewer on the machine where he is sitting directed to the local tunnel port (e.g. @@ -10695,8 +10711,11 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html: ([2]ss_vncviewer) can also take advantage of the method described here with its -proxy option. - This apache solution may be too much for you, see [3]below for some - simpler non-SSH encrypted setups. + Simpler Solutions: This apache solution may be too much for you. It is + mainly intended for automatically redirecting to multiple workstations + inside the firewall. If you only have one inside machine that you want + to access, the method described here is overly complicated. See + [3]below for some simpler (non-SSH) encrypted setups. There are numerous ways to achieve this with Apache. We present one of the simplest ones here. |