The remote OpenBSD 5.1 desktop
380 words, 2 minutes
I already post on using VNC to connect to a remote OpenBSD 4.9 server . I’m just gonna write a short refresh while configuring a brand new OpenBSD 5.1 i386 workstation on my ESXi 5.
First of all, enable XDM:
# vi /etc/rc.conf.local
(...)
xdm_flags=""
# /etc/rc.d/xdm start
Then install and configure the VNC server and its dependancies:
# pkg_add x11vnc
x11vnc-0.9.13p1:libdaemon-0.14: ok
x11vnc-0.9.13p1:dbus-1.4.16p2v0: ok
x11vnc-0.9.13p1:gdbm-1.8.3p0: ok
x11vnc-0.9.13p1:avahi-0.6.30p6: ok
x11vnc-0.9.13p1:tcl-8.5.11p0: ok
x11vnc-0.9.13p1:desktop-file-utils-0.19: ok
x11vnc-0.9.13p1:tk-8.5.11: ok
x11vnc-0.9.13p1: ok
The following new rcscripts were installed: /etc/rc.d/avahi_daemon /etc/rc.d/avahi_dnsconfd /etc/rc.d/dbus_daemon /etc/rc.d/x11vnc
See rc.d(8) for details.
Look in /usr/local/share/doc/pkg-readmes for extra documentation.
--- +tcl-8.5.11p0 -------------------
You may wish to add /usr/local/lib/tcl/tcl8.5/man to /etc/man.conf
--- +tk-8.5.11 -------------------
You may wish to add /usr/local/lib/tcl/tk8.5/man to /etc/man.conf
# vi /etc/rc.conf.local
pkg_scripts="dbus_daemon avahi_daemon avahi_dnsconfd x11vnc"
(...)
avahi_daemon_flags=""
avahi_dnsconfd_flags=""
dbus_daemon_flags=""
multicast_host=YES
x11vnc_flags="-ssl SAVE -listen 0.0.0.0 -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth guess"
Generate a password to protect the VNC connection:
# x11vnc -storepasswd /etc/x11vnc.passwd
Enter VNC password:
Verify password:
Write password to /etc/x11vnc.passwd? [y]/n y
Password written to: /etc/x11vnc.passwd
# ls -alh /etc/x11vnc.passwd
-rw------- 1 root wheel 8B Jun 13 18:16 /etc/x11vnc.passwd
Generate an SSL certificate to encrypt communication with the VNC server:
# x11vnc -ssl SAVE -listen 0.0.0.0 -rfbauth /etc/x11vnc.passwd -logfile /var/log/x11vnc -ncache 0 -display :0 -forever -loop100 -auth guess
--- x11vnc loop: 1 ---
--- x11vnc loop: waiting for: 32698
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a6:83:9d:34:53:b0:aa:61
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=AU, L=OpenBSD, OU=openbsd.tumfatig.net-1339605023.048746, O=x11vnc, CN=x11vnc-SELF-SIGNED-CERT-32698/emailAddress=x11vnc@server.nowhere
(...)
-----END CERTIFICATE-----
Key PEM file:
/root/.vnc/certs/server.pem
----------------------------------------------------------------------
(...)
Protect key with a passphrase? y/n n
PORT=5900
SSLPORT=5900
^C
Now, either manually start every enabled daemons or reboot to ensure everything goes automatically well.
Note that, on my Mac, “Chicken of the VNC” couldn’t connect to the VNC server because of no SSL support. It has SSH tunnel feature though. You might want to use this as a security rather than SSL. Stil on my Mac, “JollysFastVNC” did connect properly using SSL.
While I’m on notes, using JollysFastVNC, I had issues typing characters like pipe(|), braces({}), brackets([]), and backslash(). Not sure if this is because I have a french keyboard, but the solution is to switch to “local interpretation” hitting the right command (cmd) key.
I’m now ready to experiment the desktop way of the puff!