'\" t .\" ** The above line should force tbl to be a preprocessor ** .\" Man page for the SSVNC vncviewer .\" .\" Copyright (C) 2006-2009 Karl J. Runge .\" .\" You may distribute under the terms of the GNU General Public .\" License as specified in the file LICENCE.TXT that comes with the .\" TightVNC distribution. .\" .TH ssvnc 1 "December 2009" "" "SSVNC" .SH NAME ssvnc \- a GUI wrapper for SSL and SSH VNC connections. .SH SYNOPSIS .B ssvnc .br .B ssvnc .RI [\| host \|][\| :display \|] .br .B ssvnc .RI [\| saved-profile-name \|] .br .B ssvnc .RI [\| options \|]\ [\| host-or-profile \] .br .B ssvnc .IR \-cmd .RI [\| ssvnc_cmd-args \|] .br .B ssvnc .IR \--help .br .SH DESCRIPTION .B ssvnc is a tcl/tk gui wrapper that runs on Unix, MacOSX, and Windows. It sets up an SSL or SSH tunnel to the remote VNC Server and then launches the VNC viewer (either the one provided or another one that you have specified) to use that encrypted tunnel to connect to the VNC Server. The use of Proxies and Gateways to make the connections is implemented. Once you have started the SSVNC gui, you can click on the buttons "Help", "Options -> Help", "Certs -> Help", etc. for much information on how to use and configure the tool. In short, you supply a VNC server "hostname:display" in the "VNC Host:Display" entry box and then press the "Connect" button to connect to the server via SSL (stunnel). E.g. "far-away.east:0". Port numbers are also allowed, e.g. far-away.east:5905. Or supply user@hostname:display and click on the "Use SSH" option, then press the "Connect" button to connect to the server via an SSH tunnel. E.g. "fred@far-away.east:0". Note it is also possible to disable the use of SSL/SSH encryption tunnels by using a vnc:// or Vnc:// prefix before host:display. Shift+Ctrl-E is a short-cut to add/remove it. See also the \fB-noenc\fR option below for the 'No Encryption' button. Normally you do not specify any command line options. You simply run \fBssvnc\fR and use the GUI that starts up. However, as shortcuts you can supply a VNC host:display (or host:port) on the command line to connect to immediately (the GUI is started and the connection is initiated). For example, "\fBssvnc far-away.east:0\fR" Instead of a host:display, you can specify the name of a saved profile to automatically load that profile and then connect to its server. For example "\fBssvnc far\fR", if you named the profile "far". You can use the \fB-profiles\fR option to list the profiles you have saved. The related commands \fBsshvnc\fR and \fBtsvnc\fR start up the GUI in simplified modes: SSH Only Mode, and Terminal Services Mode, respectively. See below and the application Help for more information on the modes. You can also place certain settings in your ~/.ssvncrc, see the SSVNC Help panel ('Tips') for more info. The \fB-cmd\fR option does not start the GUI, it runs the command line utility \fBssvnc_cmd\fR directly with the given arguments. \fBssvnc_cmd\fR can launch the viewer directly (\fB-viewer ...\fR) or, by default, the \fBss_vncviewer\fR SSL/SSH tunnel wrapper script. See its help output for more information. There are also some command line options described as follows. .SH OPTIONS .TP \fB\-help\fR, \fB\-h\fR Prints out to the terminal a brief description and the options. .TP \fB\--help\fR Starts up the GUI as though the 'Help' button was pressed to show the main Help panel. .TP \fB\-cmd\fR \fI[ssvnc_cmd-args]\fR Launch the ssvnc_cmd utility command directly (no GUI) with the given arguments (for use when ssvnc_cmd is not in one's PATH.) If neither ssvnc_cmd nor ssvncviewer is in PATH, one can launch the viewer directly via: ssvnc -cmd -viewer [viewer-args] .TP \fB\-profiles\fR List the saved SSVNC profiles you have created. A profile is a destination host with specific parameter settings. .TP \fB\-list\fR Same as \fB\-profiles\fR .TP \fB\-ssh\fR Start in "SSH Only Mode". No SSL aspects are shown. Same as running the command \fBsshvnc\fR .TP \fB\-ts\fR Start in "Terminal Services Mode". This is like "SSH Only Mode", but simpler and assumes \fBx11vnc\fR is available on the remote side to start and manage X and VNC sessions. Same as running the command \fBtsvnc\fR .TP \fB\-tso\fR Same as \fB-ts\fR "Terminal Services Mode", however never let the user leave this mode (no button to switch modes is provided.) Same as SSVNC_TS_ALWAYS=1. .TP \fB\-ssl\fR Force the full GUI Mode: both SSL and SSH. This is the default. Same as \fB-ss\fR. .TP \fB\-nv\fR Toggle the "Verify All Certs" button to be off at startup. .TP \fB\-nvb\fR Never show the "Verify All Certs" button. Same as SSVNC_NO_VERIFY_ALL_BUTTON=1. .TP \fB\-bigger\fR Make the Profile Selection Dialog window bigger. Same as SSVNC_BIGGER_DIALOG=1. .TP \fB\-noenc\fR Start off in a mode where a 'No Encryption' check button is present. You can toggle the mode with Ctrl-E. Same as SSVNC_DISABLE_ENCRYPTION_BUTTON=1. Or \fInoenc=1\fR in ~/.ssvncrc. Selecting no encryption is the same as the vnc:// and Vnc:// prefixes described below. The \fB\-noenc\fR mode is now the default, use \fB-enc\fR or \fInoenc=0\fR for the opposite behavior. .TP \fB\-killstunnel\fR On Windows, automatically terminate the STUNNEL process when the viewer exits instead of prompting you (same as \fIkillstunnel=1\fR in ssvnc_rc or toggle in Options menu) .TP \fB\-nokillstunnel\fR On Windows, disable \fB-killstunnel\fR mode. Same as \fIkillstunnel=0\fR in ssvnc_rc or toggle in Options menu. Note that \fB-killstunnel\fR mode is now the default. .TP \fB\-mycert\fR \fI/path/to/mycert.pem\fR Set the default "MyCert" to be \fI/path/to/mycert.pem\fR. Same as \fB-cert\fR. If the file does not exist, ~/.vnc/certs is prefixed and tried. You can also set \fImycert=/path/to/mycert.pem\fR in ~/.ssvncrc. .TP \fB\-cacert\fR \fI/path/to/cacert.crt\fR Set the default "ServerCert" to be \fI/path/to/cacert.crt\fR. Same as \fB-ca\fR. If the file does not exist, ~/.vnc/certs is prefixed and tried. You can also set \fIcacert=/path/to/cacert.crt\fR in ~/.ssvncrc. .TP \fB\-crl\fR \fI/path/to/mycrl.pem\fR Set the default Certificate Revocation List to be \fI/path/to/mycrl.pem\fR. If the file does not exist, ~/.vnc/certs is prefixed and tried. You can also set \fIcrl=/path/to/mycrl.pem\fR in ~/.ssvncrc. .SH URL NOTATION Here are all of our URL-like prefixes that you can put in front of host:display (or host:port): For SSL: vncs:// vncssl:// and vnc+ssl:// For SSH: vncssh:// and vnc+ssh:// For No Encryption: vnc:// and Vnc:// Examples: To quickly make an SSL connection: \fBssvnc vncs://snoopy.com:0\fR To quickly make an SSH connection: \fBssvnc vnc+ssh://fred@snoopy.com:0\fR To quickly make a direct connection: \fBssvnc Vnc://snoopy.com:0\fR The above will also work in the "VNC Host:Display" entry box in the GUI. Press the "Connect" button after entering them. The difference between vnc:// and Vnc:// is that the latter one will not prompt you whether you really want to make an unencrypted connection or not. .SH FILES Your SSVNC vnc profiles are stored in the \fB$HOME/.vnc/profiles\fR directory. They end in suffix \fB.vnc\fR Your SSVNC vnc certificates and keys are stored in the \fB$HOME/.vnc/certs\fR directory. They typically end in \fB.pem\fR (both certificate and private key) or \fB.crt\fR (certificate only). You can put a few global parameters (e.g. mode=sshvnc) in your \fB$HOME/.ssvncrc\fR file (\fBssvnc_rc\fR on Windows); see the application Help for more information. .SH FONTS The following is from Tip 18 in the Help panel. Fonts: To change the tk fonts, set these environment variables before starting up ssvnc: SSVNC_FONT_DEFAULT and SSVNC_FONT_FIXED. For example: % env SSVNC_FONT_DEFAULT='helvetica -20 bold' ssvnc % env SSVNC_FONT_FIXED='courier -14' ssvnc or set both of them at once. To achieve the same effect, you can also set parameters in your ~/.ssvncrc file, for example: font_default=helvetica -20 bold font_fixed=courier -14 .SH SEE ALSO \fBssvncviewer\fB(1), \fBvncviewer\fR(1), \fBstunnel\fR(8), \fBssh\fR(1), \fBx11vnc\fR(1), \fBvncserver\fR(1) http://www.karlrunge.com/x11vnc http://www.karlrunge.com/x11vnc/ssvnc.html .SH AUTHORS Karl J. Runge wrote the SSVNC gui (tcl/tk) and associated wrapper scripts, and added features to the unix vncviewer source code.