Restricting access
Hi All, Long time listener, first time caller. :) I work for a company that uses Linux on the desktop. We have one windows system which is located in the server room and all employees have access to this system for when they need to do something which cannot be done under Linux. VNC is an ideal solution to provide access with one major drawback. I cannot find any way to easily restrict the windows box to one connection at a time. This is important because one of the very few applications that we run on the windows box is the payroll software and the boss doesn't want employees seeing things that they shouldn't. Now before everyone starts pointing out that there are hundreds of other ways to compromise the application... We have secured the physical server, the payroll software has an encrypted database and requires a password to access, the LAN is switched to prevent packet sniffing (we will ignore MAC overloading), etc... Multiple sessions via VNC is the only weakness that doesn't require some serious effort. The "-noshared" option with "ConnectPriority=2" is only useful if everyone uses it and there is no practical way to police a client side requirement. Any help would be much appreciated. Nick __ Do You Yahoo!? Yahoo! Sports - live college hoops coverage http://sports.yahoo.com/ - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: Restricting access
Nick, I think as it stands today (and unless a patch is forthcoming pretty quickly), VNC fails your business requirements for the time being. Use ConnectPriority=2 on the *server*. However, there's an outstanding bug that allows VNC clients to come in as "shared", and view this connection but not take over it, when connectpriority is 2. ConnectPriority instructions: In TightVNC, there is a radio button group in the Advanced dialog. Set "Refuse concurrent connections". In normal AT&T WinVNC (I think, I could be wrong), this has to be done using a registry editor. HKLM\ORL\WinVNC3\ConnectPriorityREG_DWORD 2 The default value for this is 0 - disconnect existing sessions. If this doesn't secure your site adequately, I would suggest rdesktop on the Unix boxes to connect to the Terminal Services Administration mode (installed by default in win2k and .NET server). This allows two concurrent users, as well a third on the console. If you need more, then add the TS licensing component and buy some TS licenses from your MS vendor. I suggest using about 512 MB of RAM to a box that has 20 simultaneous users and 1 GB to a box that has about 50 users. It's a good idea for this box to be a dual proc if you're going for 50 users. With any dual PIII or Xeon's this will be fine for normal office work - 2K is *very* good at sharing program images like IE and Office. Even with 50 users, you'll still get sub-second launch times for Word, Outlook, etc*. http://www.rdesktop.org/ I know it's not VNC, but it does satisfy your business requirements to not show a particular session. However, users must be trained to log out, not "disconnect" their session when using rdesktop. Disconnect allows the session to be resumed by another user successfully authenticating to the same user. If the HR person logs on as "alice" and Joe Bob logs on as "joe bob", then there's no problem - Joe Bob cannot take over the disconnected "alice" session. Andrew * I did the security audits and some of the security architecture on this: http://optusbusiness.com.au/00/01/00/000100fb.asp?spid=423 The global predecessor before C&W offloaded C&W Optus to Singtel. http://www.cwas.net/ (site down when I went there :-( ) Some very large sites use CWaS. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Nick Stock Sent: Wednesday, 20 March 2002 8:41 PM To: [EMAIL PROTECTED] Subject: Restricting access Hi All, [snip] I cannot find any way to easily restrict the windows box to one connection at a time. The "-noshared" option with "ConnectPriority=2" is only useful if everyone uses it and there is no practical way to police a client side requirement. - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
vnc-list-digest V1 #1489
Hello, I saw that there is a problem at the hooks DLL with receiving hooks event from all the applications on the desktop. The hooks I get are only from the vinvnc exe . Does any one knows what the problem can be? And how to get the hooks from all the applications . Thanks, Naama _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: The Next Generation display numbers
OK, let's drop the word "traditional" then. Let's make it: "I would dearly love to see a method of dealing with display and port numbers which does not confuse the bejeezus out of new users." Follow-ups | /dev/null - Original Message - From: "Scott "The Axe" O'Bryan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, 2002-03-19 19:28 Subject: RE: The Next Generation display numbers : I think it was taken off of the Unix display model, which some would : argue IS the traditional way of exporting a display. :) Just food for : though. : : -Original Message- : From: [EMAIL PROTECTED] : [mailto:[EMAIL PROTECTED]] On Behalf Of Alex K. : Angelopoulos : Sent: Tuesday, March 19, 2002 10:30 AM : To: [EMAIL PROTECTED] : Subject: VNC:The Next Generation display numbers : : FWIW, if this hasn't been discussed - I would dearly love to see VNC go : to a : more "traditional" approach in numbering displays - e.g., using a port : number for specification of ports used instead of an arbitrary display : number based on 5900... this causes too many headaches. : - : To unsubscribe, mail [EMAIL PROTECTED] with the line: : 'unsubscribe vnc-list' in the message BODY : See also: http://www.uk.research.att.com/vnc/intouch.html : - : - : To unsubscribe, mail [EMAIL PROTECTED] with the line: : 'unsubscribe vnc-list' in the message BODY : See also: http://www.uk.research.att.com/vnc/intouch.html : - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: xmodmap patch to vnc 3.3.3
On Wed, 2002-03-20 at 16:02, Grant McDorman wrote: > According to Marius: > > Grant McDorman wrote: > > > > > > How does your dvorak layout modification work? If it's based on keycodes, it > > > will probably not work (keycodes are server dependant). You should be doing > > > something like 'keysym a = z' or the like, not 'keycode 1234 = z'. (Of > > > course, running it twice will completely mangle things.) > > > > Thanks! It actually works, almost... I can map the us keys, but it > > doesn't map the norwegian keys like "keysym oslash = s" (or aring). > > > > It is defined in my keycode-xmodmap like this: "keycode 97 = aring > > Aring" ( I am not running this, it is there when I log in. I find it > > using "xmodmap -pke" ) > > Is this a bug in VNC? > > Depends on what keycode 97 is. For VNC, you're *much* better off using > keysyms; that is, find the U.S. keysym for the key in question and use > that instead of keycode. Yes, i understand, but the system is configured with norwegian layout. If i change to US layout using xmodmap, I think I will get the same problem. I am NOT using xmodmap with keycodes myself, just keysyms. The keycodes are preconfigured for vnc (havent't changed anything in vnc), just as in normal X session. The opposite work though, i can use keysym "s = aring" and i get the norwegian character "aring" when i press s. But mapping from the aring-button to s is impossible. xmodmap does not complain, but it has no effect. Could it be that vnc is not handling keycodes outside the US keyboard right? > > If this is an "extra" key, use an arbitrary keycode greater than 127. > > > I haven't tried your patch yet. Do you think it will solve the problem? > > No. Aside from the fact that it won't fit in the current version, it appears > your problem was that you were using keycodes - and the wrong ones, at that. > > -- > > Grant McDorman <[EMAIL PROTECTED]>, Sr. Software Design Consultant > Cedara Software Corp. http://www.cedara.com> > (formerly I.S.G. Technologies Inc.) > Mississauga, Ontario, Canada - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
VNC authentication failed, after working for months
What would cause my authentication to fail for a session that has been running for months and that I have viewed many times? I started this particular session up months ago and have successfully connected to it daily since then. Today, from every machine I have tried to connect from, I get "VNC authentication failed" when I enter the password. I don't want to loose that session because I have lots of stuff running in it. How can I get in? Thanks, Jim Alred Indianapolis 317-587-3522 - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC Viewer under Solaris does not pass ctrl + mouse keys to host???
Make sure you don't have any other "modifier" keys turned on - the most likely culprit is Num Lock. (xterm - at least in SunOS 5.1 - doesn't pull up the menus if Num Lock is on.) I'm not sure about Caps Lock. xmodmap -pm will tell you the possible modifiers; xev will tell you what modifiers are active when you press a key. According to Andrew Ward: > When I run VNCviewer on my solaris box (SunOS award-u10 5.8 > Generic_108528-07 sun4u sparc SUNW,Ultra-5_10), I CANNOT access any > Xterm menus (ctrl+leftMouse or ctrl+middleiMouse or ctrl + > rightMouse). -- Grant McDorman <[EMAIL PROTECTED]>, Sr. Software Design Consultant Cedara Software Corp. http://www.cedara.com> (formerly I.S.G. Technologies Inc.) Mississauga, Ontario, Canada [demime 0.97b removed an attachment of type application/pgp-signature] - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC Viewer under Solaris does not pass ctrl + mouse keys to host???
Thanks Fred, I might try the tight VNC just to see what happens. The funny thing is that the viewer with the problem is running on the same machine as the server and when I access the window manager directly (fvwm2) there are no probs. Anyway thanls for your input. I hope you got in some skating on the Rideau this year, but I hear Winterlude was pretty short. Regards -Andrew Ward On Wed, Mar 20, 2002 at 02:47:12AM -0500, Fred wrote: > I run vncviewer and server on solaris 8, sometimes on the > same host. Sometimes in fullscreen mode, sometimes not, > sometimes with the viewer under twm, sometimes no > windowing system. > > Never had a problem with ALT-mousebutton > or Ctrl-Mousebutton. Maybe that key/button combination > has special meaning for the windowing system of which > vncviewer is a client; maybe the windowing system is > intercepting them? > > Fred > -- > Fred Ma > Department of Electronics > Carleton University, Mackenzie Building > 1125 Colonel By Drive > Ottawa, Ontario > Canada K1S 5B6 > [EMAIL PROTECTED] > == > > > Date: Tue, 19 Mar 2002 15:27:41 -0800 > > From: Andrew Ward <[EMAIL PROTECTED]> > > Subject: VNC Viewer under Solaris does not pass ctrl + mouse keys to host??? > > > > When I run VNCviewer on my solaris box (SunOS award-u10 5.8 > > Generic_108528-07 sun4u sparc SUNW,Ultra-5_10), I CANNOT access any > > Xterm menus (ctrl+leftMouse or ctrl+middleiMouse or ctrl + > > rightMouse). > > > > When I launch VNCViewer from a PC, I have FULL access to these menus. > > > > When I access those menus directly on xterms launched on that Solaris > > box (not through VNC server / viewer) I ALSO HAVE FULL access to these > > menus. > > > > I am using ~award/vnc_sun4_sosV_5.5/Vncviewer. (The troubled viewer > > and host are running on the same machine.) It has been working fine up > > until ECS pushed Solaris 8 on top of me. Since then it has been bad. > > > > And, I DO start my vnc server with: > > > > vncserver -pn -depth 24 -alwaysshared -geometry 1152x900 ; autocutsel > > > > Any insights would be greatly appreciated. > > > > - -Andrew > > > > - > > Andrew Ward > > ph: 408 527-2773| | > > 800.250.4800 ext 72773 | | > > Internet POP Systems BU||| ||| > > GSR development group (12000) ..:|||:...:|||:.. > > email to: [EMAIL PROTECTED] C i s c o S y s t e m s > - > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: The Next Generation display numbers
Fair enough.. I'd like to see that too.. :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Alex K. Angelopoulos Sent: Wednesday, March 20, 2002 5:10 AM To: [EMAIL PROTECTED] Subject: Re: The Next Generation display numbers OK, let's drop the word "traditional" then. Let's make it: "I would dearly love to see a method of dealing with display and port numbers which does not confuse the bejeezus out of new users." Follow-ups | /dev/null - Original Message - From: "Scott "The Axe" O'Bryan" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, 2002-03-19 19:28 Subject: RE: The Next Generation display numbers : I think it was taken off of the Unix display model, which some would : argue IS the traditional way of exporting a display. :) Just food for : though. : : -Original Message- : From: [EMAIL PROTECTED] : [mailto:[EMAIL PROTECTED]] On Behalf Of Alex K. : Angelopoulos : Sent: Tuesday, March 19, 2002 10:30 AM : To: [EMAIL PROTECTED] : Subject: VNC:The Next Generation display numbers : : FWIW, if this hasn't been discussed - I would dearly love to see VNC go : to a : more "traditional" approach in numbering displays - e.g., using a port : number for specification of ports used instead of an arbitrary display : number based on 5900... this causes too many headaches. : - : To unsubscribe, mail [EMAIL PROTECTED] with the line: : 'unsubscribe vnc-list' in the message BODY : See also: http://www.uk.research.att.com/vnc/intouch.html : - : - : To unsubscribe, mail [EMAIL PROTECTED] with the line: : 'unsubscribe vnc-list' in the message BODY : See also: http://www.uk.research.att.com/vnc/intouch.html : - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: The Next Generation display numbers
Wow, I was REALLY cranky before my first cup of coffee this morning... :( - Original Message - From: "Alex K. Angelopoulos" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, 2002-03-20 07:10 Subject: Re: The Next Generation display numbers : OK, let's drop the word "traditional" then. : : Let's make it: : "I would dearly love to see a method of dealing with display and port : numbers which does not confuse the bejeezus out of new users." : : Follow-ups | /dev/null : : - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: Screen blanking?...
If I understand you right, you mean blanking out the server's screen (the client is the controlling machine; the server is the machine which is "serving" a desktop, so blanking out the client's desktop would be useless). Having gotten the nomenclature point out of the way... ;) It appears not. The VNC documentation for the server is very complete, and shows no such ability. The closest you can come is the ability to disable inputs from keyboard and mouse on the server, but that only prevents intervention, of course, not viewing from the VNC server console. - Original Message - From: "James Victor" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, 2002-03-19 17:59 Subject: Screen blanking?... : Hello everyone, I'm new to the list, joined to ask a : question; does anyone know if there is a version of : VNC that supports screen blanking on the client (i.e., : blanking or blacking out the client's screen while : working on it)? : : I'm runing 3.3.3r9, for Windows 2000. : : : : __ : Do You Yahoo!? : Yahoo! Sports - live college hoops coverage : http://sports.yahoo.com/ : - : To unsubscribe, mail [EMAIL PROTECTED] with the line: : 'unsubscribe vnc-list' in the message BODY : See also: http://www.uk.research.att.com/vnc/intouch.html : - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: The Next Generation display numbers
The problem is that VNC, on *nix systems, will always use a display number for access by applications. If one drops the display number for the VNC client connections, then we'll have *two* unrelated IDs for the VNC server - the display number, and the VNC ID, whatever that might be (port perhaps?). In the *nix world, using display number for both the applications and the VNC client makes sense. (Xvnc actually has three ports based on the display number: 5800+display, 5900+display, and 6000+display. The last one is the port used by applications to connect to the server.) I agree it doesn't make much sense in the Windows-only world; however, when connecting to *nix systems (from any system) it does make sense, and (in my opinion) should not be removed. Perhaps what we need is a way to explicitly specify the VNC port (the 580x/590x) on both the client and server. Connections to non-*nix systems could then use that. According to Alex K. Angelopoulos: > OK, let's drop the word "traditional" then. > > Let's make it: > "I would dearly love to see a method of dealing with display and port > numbers which does not confuse the bejeezus out of new users." > > Follow-ups | /dev/null > > - Original Message - > From: "Scott "The Axe" O'Bryan" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, 2002-03-19 19:28 > Subject: RE: The Next Generation display numbers > > > : I think it was taken off of the Unix display model, which some would > : argue IS the traditional way of exporting a display. :) Just food for > : though. > : > : -Original Message- > : From: [EMAIL PROTECTED] > : [mailto:[EMAIL PROTECTED]] On Behalf Of Alex K. > : Angelopoulos > : Sent: Tuesday, March 19, 2002 10:30 AM > : To: [EMAIL PROTECTED] > : Subject: VNC:The Next Generation display numbers > : > : FWIW, if this hasn't been discussed - I would dearly love to see VNC go > : to a > : more "traditional" approach in numbering displays - e.g., using a port > : number for specification of ports used instead of an arbitrary display > : number based on 5900... this causes too many headaches. > : - > : To unsubscribe, mail [EMAIL PROTECTED] with the line: > : 'unsubscribe vnc-list' in the message BODY > : See also: http://www.uk.research.att.com/vnc/intouch.html > : - > : - > : To unsubscribe, mail [EMAIL PROTECTED] with the line: > : 'unsubscribe vnc-list' in the message BODY > : See also: http://www.uk.research.att.com/vnc/intouch.html > : - > - > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > - -- Grant McDorman <[EMAIL PROTECTED]>, Sr. Software Design Consultant Cedara Software Corp. http://www.cedara.com> (formerly I.S.G. Technologies Inc.) Mississauga, Ontario, Canada [demime 0.97b removed an attachment of type application/pgp-signature] - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: VNC authentication failed, after working for months
> -Original Message- > What would cause my authentication to fail for a session that > has been running for months and that I have viewed many times? Has been... THat rings a bell. > > I started this particular session up months ago and have > successfully > connected to it daily since then. Today, from every machine I have > tried to connect from, I get "VNC authentication failed" when I > enter the password. Have you tried the local machine? The message indicates that the server still runs. > > I don't want to loose that session because I have lots of > stuff running > in it. How can I get in? At the console, check if the server is still running. If so, Check the password or force it to your known password. - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Printing from remote machine to local printer
Is there a way/application that will allow me to print what is running on the remote machine to my local printer? Thanks; Bruce York Project Manager Network Designs, Inc See http://www.netdes.com to solve your network needs. - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: xmodmap patch to vnc 3.3.3
On Wed, 2002-03-20 at 16:44, Grant McDorman wrote: > According to Marius Kotsbak: > > On Wed, 2002-03-20 at 16:02, Grant McDorman wrote: > > > According to Marius: > > > > Grant McDorman wrote: > > I am NOT using xmodmap with keycodes myself, just keysyms. The keycodes > > are preconfigured for vnc (havent't changed anything in vnc), just as in > > normal X session. > > > > The opposite work though, i can use keysym "s = aring" and i get the > > norwegian character "aring" when i press s. But mapping from the > > aring-button to s is impossible. xmodmap does not complain, but it has > > no effect. > > > > Could it be that vnc is not handling keycodes outside the US keyboard > > right? > > VNC doesn't include non-U.S. keysyms in its static keymap. Any keysym that > it receives outside of this static keymap is dynamically added. > > What happens is the VNC client sends the keysym. If the server finds it in > its keymap, it uses that; otherwise, it creates a new entry which, of > course, maps the incoming keysym to itself. > > I'm not sure how one could manage to remap a keysym outside the static > keymap at startup. However, to see if it works, try this: Press your aring > key; then do 'xmodmap -e "keysym aring = s"'. As I said; I have tried exactly that one. It is accepted, but has no effect. > > I'll look at the source for 3.3.3 and see if there is something that can be > cooked up. > > -- > > Grant McDorman <[EMAIL PROTECTED]>, Sr. Software Design Consultant > Cedara Software Corp. http://www.cedara.com> > (formerly I.S.G. Technologies Inc.) > Mississauga, Ontario, Canada - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: xmodmap patch to vnc 3.3.3
[Copied to the VNC list since this should be archived, and distributed to the world.] Background: Marius is using a VNC server on a *nix system, and has a non-US (Norwegian?) keyboard. He wishes to change the keyboard layout so that the 'Aring' key, when pressed, acts as the 's' key. The standard X method of changing this does not work. Analysis: This is a deficiency, at best; at worst, it's a bug. VNC in general sends keystrokes as key names (due to its Unix heritage, these are the names used in Unix, referred to as keysyms). The Unix VNC server has a compiled-in list of a basic set of key names; this is, essentially, the U.S. 'qwerty' keyboard. If you press a key on the viewer that's not in the static list, the VNC server looks for a key definition, locally, that when pressed will correspond to the key name. It then uses that definition, suitably modifed by the Shift/Shift Lock keys, to report the key to the Unix applications. As a result, it is impossible to redefine the key completely - the physical key name (in this case Aring) must be present on the logical key. In detail, the first time you press the 'aring' key Xvnc will add a key mapping that assigns keycode 91, say, to 'aring'. Subsequently, it will search its mappings when you press the 'aring' key, and find that entry #91 contains 'aring'. It will then send code 91 to the application - which will use the *same* entry to translate it back to a key name: that is, 'aring'. If you remap 'aring' to 's': xmodmap -e 'keysym aring = s' this changes entry #91 to contain only 's'. As a result, when Xvnc searches its mappings for 'aring', it won't find it - and will create a *new* mapping! However, since the VNC server (and all X servers, in fact) allow multiple key definitions for each physical key, there is a trick you can use to get the effect you want. The first two definitions on the key are the normal state, and the shifted state. The second two are for the 'AltGraph' or "Mode Switch" key, in combination with the shift key. Subsequent definitions are possible but usually serve no pratical purpose. However, since Xvnc uses the key definition when *any* of the set of mappings correspond to the physical key, you should be able to do this trick: xmodmap -e 'keycode 127 = s S aring' Then, Xvnc will find this mapping for when the viewer sends the aring key; since the 'aring' key name appears as the _third_ symbol the application (and you) will see 's' (or 'S') when you press the key. Of course, if you're using a 'mode switch' type key you'll have to extend the mapping to five entries; but it should still work. (original message follows) According to Marius Kotsbak: > On Wed, 2002-03-20 at 16:44, Grant McDorman wrote: > > According to Marius Kotsbak: > > > On Wed, 2002-03-20 at 16:02, Grant McDorman wrote: > > > > According to Marius: > > > > > Grant McDorman wrote: > > > I am NOT using xmodmap with keycodes myself, just keysyms. The keycodes > > > are preconfigured for vnc (havent't changed anything in vnc), just as in > > > normal X session. > > > > > > The opposite work though, i can use keysym "s = aring" and i get the > > > norwegian character "aring" when i press s. But mapping from the > > > aring-button to s is impossible. xmodmap does not complain, but it has > > > no effect. > > > > > > Could it be that vnc is not handling keycodes outside the US keyboard > > > right? > > > > VNC doesn't include non-U.S. keysyms in its static keymap. Any keysym that > > it receives outside of this static keymap is dynamically added. > > > > What happens is the VNC client sends the keysym. If the server finds it in > > its keymap, it uses that; otherwise, it creates a new entry which, of > > course, maps the incoming keysym to itself. > > > > I'm not sure how one could manage to remap a keysym outside the static > > keymap at startup. However, to see if it works, try this: Press your aring > > key; then do 'xmodmap -e "keysym aring = s"'. > As I said; I have tried exactly that one. It is accepted, but has no > effect. > > > > > I'll look at the source for 3.3.3 and see if there is something that can be > > cooked up. > > > > -- > > > > Grant McDorman <[EMAIL PROTECTED]>, Sr. Software Design Consultant > > Cedara Software Corp. http://www.cedara.com> > > (formerly I.S.G. Technologies Inc.) > > Mississauga, Ontario, Canada > > > -- Grant McDorman <[EMAIL PROTECTED]>, Sr. Software Design Consultant Cedara Software Corp. http://www.cedara.com> (formerly I.S.G. Technologies Inc.) Mississauga, Ontario, Canada [demime 0.97b removed an attachment of type application/pgp-signature] - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: VNC authentication failed, after working for months
It even fails from on the local machine. 'ps' indicates that the server is still running, too. How do I "Check the password or force it to your known password?" Jim > -Original Message- > From: "Beerse, Corni" [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 20, 2002 10:41 AM > To: '[EMAIL PROTECTED]' > Subject: RE: VNC authentication failed, after working for months > > > > -Original Message- > > > What would cause my authentication to fail for a session that > > has been running for months and that I have viewed many times? > > Has been... THat rings a bell. > > > > > I started this particular session up months ago and have > > successfully > > connected to it daily since then. Today, from every machine I have > > tried to connect from, I get "VNC authentication failed" when I > > enter the password. > > Have you tried the local machine? > The message indicates that the server still runs. > > > > > I don't want to loose that session because I have lots of > > stuff running > > in it. How can I get in? > > At the console, check if the server is still running. > If so, Check the password or force it to your known password. > - > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: The Next Generation display numbers
On Wed, Mar 20, 2002 at 10:38:40AM -0500, Grant McDorman wrote: > > The problem is that VNC, on *nix systems, will always use a display > number for access by applications. If one drops the display number for > the VNC client connections, then we'll have *two* unrelated IDs for > the VNC server - the display number, and the VNC ID, whatever that > might be (port perhaps?). We already have that. A typical Xvnc listens for X apps on :1 and also listens for VNC clients on :1, where :1 and :1 are two completely different things. :-/ It's even possible, though rare, to have Xvnc use completely different display numbers for X and RFB, which could be incredibly confusing to someone who doesn't understand the difference between :1 and :1. And the system breaks down completely if you have 100+ displays. It would be a lot less confusing if all VNC implementations used a single port for RFB. Xvnc would still have an X display number, but anyone using X can be expected to figure that out. The current system only makes good sense on one platform, and it doesn't scale. > I agree it doesn't make much sense in the Windows-only world; however, > when connecting to *nix systems (from any system) it does make sense, > and (in my opinion) should not be removed. In a VNC implementation with a single port serving multiple displays, each display would still need some kind of identifier, and it would make sense for Xvnc to continue to use the X display number for that purpose. It would even work with display numbers > 99, which would be refreshing. > Perhaps what we need is a way to explicitly specify the VNC port (the > 580x/590x) on both the client and server. Connections to non-*nix > systems could then use that. That would be nice too. Xvnc currently has command line options with which you can specify either port number or display number. It would be nice if other implementations had that feature as well. -- Mike Ossmann, Tarantella/UNIX Engineer/Instructor Alternative Technology, Inc. http://www.alttech.com/ - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: Printing from remote machine to local printer
Not directly. Theoretically, if you were using a secure tunnel program, you could map the appropriate printer ports and manually add a new printer from the server (remote) side to your local side. Not pretty. Glenn -Original Message- From: Bruce York [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 20, 2002 10:46 AM To: [EMAIL PROTECTED] Subject: Printing from remote machine to local printer Is there a way/application that will allow me to print what is running on the remote machine to my local printer? Thanks; Bruce York Project Manager Network Designs, Inc See http://www.netdes.com to solve your network needs. - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: Shared WTS Sessions Using VNC
Wow! Thanks for the great instructions. Now all we need is a hack to open up the WTS session for a user after VNC authentication. :-) -- Mike Ossmann, Tarantella/UNIX Engineer/Instructor Alternative Technology, Inc. http://www.alttech.com/ - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: Restricting access
On Wed, Mar 20, 2002 at 09:24:30PM +1100, Andrew van der Stock wrote: > > If this doesn't secure your site adequately, I would suggest rdesktop on > the Unix boxes to connect to the Terminal Services Administration mode > (installed by default in win2k and .NET server). Doesn't Administration mode restrict access to users in an administrative group? Wouldn't it be just as insecure if everyone was an administrator? I'm not a Windows sysadmin, but it sounds like Application mode would be an appropriate (though more expensive) solution where Administration mode would not. Another option would be to use some sort of gateway system. If VNC access is restricted to a particular Linux box, then you could run vncviewer fullscreen inside Xvnc -nevershared and have your users connect to that. Other convoluted possibilities abound. -- Mike Ossmann, Tarantella/UNIX Engineer/Instructor Alternative Technology, Inc. http://www.alttech.com/ - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: The Next Generation display numbers
If Xvnc uses one port for RFB then with the current implemenation it wont be possible to open two display from Xvnc. -Original Message- From: Michael Ossmann [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 20, 2002 8:52 AM To: [EMAIL PROTECTED] Subject: Re: The Next Generation display numbers On Wed, Mar 20, 2002 at 10:38:40AM -0500, Grant McDorman wrote: > > The problem is that VNC, on *nix systems, will always use a display > number for access by applications. If one drops the display number for > the VNC client connections, then we'll have *two* unrelated IDs for > the VNC server - the display number, and the VNC ID, whatever that > might be (port perhaps?). We already have that. A typical Xvnc listens for X apps on :1 and also listens for VNC clients on :1, where :1 and :1 are two completely different things. :-/ It's even possible, though rare, to have Xvnc use completely different display numbers for X and RFB, which could be incredibly confusing to someone who doesn't understand the difference between :1 and :1. And the system breaks down completely if you have 100+ displays. It would be a lot less confusing if all VNC implementations used a single port for RFB. Xvnc would still have an X display number, but anyone using X can be expected to figure that out. The current system only makes good sense on one platform, and it doesn't scale. > I agree it doesn't make much sense in the Windows-only world; however, > when connecting to *nix systems (from any system) it does make sense, > and (in my opinion) should not be removed. In a VNC implementation with a single port serving multiple displays, each display would still need some kind of identifier, and it would make sense for Xvnc to continue to use the X display number for that purpose. It would even work with display numbers > 99, which would be refreshing. > Perhaps what we need is a way to explicitly specify the VNC port (the > 580x/590x) on both the client and server. Connections to non-*nix > systems could then use that. That would be nice too. Xvnc currently has command line options with which you can specify either port number or display number. It would be nice if other implementations had that feature as well. -- Mike Ossmann, Tarantella/UNIX Engineer/Instructor Alternative Technology, Inc. http://www.alttech.com/ - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: The Next Generation display numbers
That 1-port-per display issue is one of the things that struck me as particularly inelegant when I first encountered VNC; without knowing anything about the technical details behind it, I am guessing that it was motivated by some shortcut taken to simplify the original implementation. Going one step further, it might be nice if the next generation could also respond to HTTP queries on the same port by attempting to serve an applet - assuming that would not introduce excessive complexity or security issues into the server side of the connection. Is that a theoretical possibility? The client currently looks for a plain-text RFB version number being passed to it from the server; I assume something analogous is done by the server when connecting to a listen-only viewer. Since HTTP connections already do text requests, a plain connection attempt or one with a query keyword appended would seem to me to be able to communicate sufficient information for the server to decide what to do. - Original Message - From: "Michael Ossmann" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, 2002-03-20 11:51 Subject: Re: The Next Generation display numbers : On Wed, Mar 20, 2002 at 10:38:40AM -0500, Grant McDorman wrote: : > : > The problem is that VNC, on *nix systems, will always use a display : > number for access by applications. If one drops the display number for : > the VNC client connections, then we'll have *two* unrelated IDs for : > the VNC server - the display number, and the VNC ID, whatever that : > might be (port perhaps?). : : We already have that. A typical Xvnc listens for X apps on :1 and also : listens for VNC clients on :1, where :1 and :1 are two completely : different things. :-/ : : It's even possible, though rare, to have Xvnc use completely different : display numbers for X and RFB, which could be incredibly confusing to : someone who doesn't understand the difference between :1 and :1. And : the system breaks down completely if you have 100+ displays. : : It would be a lot less confusing if all VNC implementations used a : single port for RFB. Xvnc would still have an X display number, but : anyone using X can be expected to figure that out. : : The current system only makes good sense on one platform, and it doesn't : scale. : : > I agree it doesn't make much sense in the Windows-only world; however, : > when connecting to *nix systems (from any system) it does make sense, : > and (in my opinion) should not be removed. : : In a VNC implementation with a single port serving multiple displays, : each display would still need some kind of identifier, and it would make : sense for Xvnc to continue to use the X display number for that purpose. : It would even work with display numbers > 99, which would be refreshing. : : > Perhaps what we need is a way to explicitly specify the VNC port (the : > 580x/590x) on both the client and server. Connections to non-*nix : > systems could then use that. : : That would be nice too. Xvnc currently has command line options with : which you can specify either port number or display number. It would be : nice if other implementations had that feature as well. : : -- : Mike Ossmann, Tarantella/UNIX Engineer/Instructor : Alternative Technology, Inc. http://www.alttech.com/ : - : To unsubscribe, mail [EMAIL PROTECTED] with the line: : 'unsubscribe vnc-list' in the message BODY : See also: http://www.uk.research.att.com/vnc/intouch.html : - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: Shared WTS Sessions Using VNC
That won't actually require a hack I believe. The programming interface for the client applet from Microsoft allows access to interfaces to specify username and password when connecting to Terminal Services through the IMsTscNonScriptable interface in mstscax.dll. - Original Message - From: "Michael Ossmann" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, 2002-03-20 12:26 Subject: Re: Shared WTS Sessions Using VNC : Wow! Thanks for the great instructions. Now all we need is a hack to : open up the WTS session for a user after VNC authentication. :-) : : -- : Mike Ossmann, Tarantella/UNIX Engineer/Instructor : Alternative Technology, Inc. http://www.alttech.com/ : - : To unsubscribe, mail [EMAIL PROTECTED] with the line: : 'unsubscribe vnc-list' in the message BODY : See also: http://www.uk.research.att.com/vnc/intouch.html : - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
VNC server in Java
sir I am a student of Computer engineering in college of engineering, chengannur,kerala. We are going to do our project this semester. VNC is our topic. Can you kindly inform from where we can download the source code for VNC server for linux in Java. regards Kiran - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC through port 80? - having problems
Hi All, Thanks a bunch for the help! I now have VNC working properly! I actually got it working on port 21 & 23 (-5879 and -5877) instead of port 80. Port 80 might work, but I haven't tried it. I'm thinking it won't b/c wouldn't it have to go through the proxy on port 80? I might try this tomorrow. Anyway, here's what I had to do (note, this was also sent to some friends so ignore the details you already know): 1. Copy and paste "-5879" into the display number for the server. Close, then restart the server and a weird, long number will display for some reason. It's actually running on port 21 though (FTP). 2. In the viewer enter the name / IP address plus ":-5879". I'm now able to connect from work to home despite the firewall / proxy. You can also use port 23 (telnet) with -5877 (or probably any common port that isn't blocked). This *might* work on port 80 too (with -5820), but I haven't tried it yet. I'm thinking it won't b/c wouldn't it have to go through the proxy on port 80? I might try this tomorrow. If you're using a router, make sure it's forwarding port 21, 23, or 80 to the proper machine. --Kyle Yamnitz The Lesson Plans Page: http://www.LessonPlansPage.com - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
[VNC] Transferring Files?
Hi again, Now that I have VNC working, what's the best way for me to transfer files back and forth (win2k pro box is the server, win95 is the client)? There isn't a way to do this through VNC is there? Assuming no, what would you suggest that is easy to run and preferably free or cheap? Just an FTP program? Thanks in advance, --Kyle Yamnitz The Lesson Plans Page: http://www.LessonPlansPage.com - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: [VNC] Transferring Files?
Hiyas, Yep some freeware FTP server is going to be your quickest method of file transfer. But if your files are smaller such as under 10MB you should be fine using Windows networking it just will not be as fast as FTP. You can find several options by going to download.com and searching for "FTP server." If you are transfering large file 10MB+ I would not sugest you use Windows networking unless you have some serious time you want to kill during file transfers. There is to much overhead associated with Windows networking and it slows down file transfers speeds. Good luck! Thanks, Bill -Original Message- From: Kyle Yamnitz To: [EMAIL PROTECTED] Sent: 3/20/2002 2:40 PM Subject: [VNC] Transferring Files? Hi again, Now that I have VNC working, what's the best way for me to transfer files back and forth (win2k pro box is the server, win95 is the client)? There isn't a way to do this through VNC is there? Assuming no, what would you suggest that is easy to run and preferably free or cheap? Just an FTP program? Thanks in advance, --Kyle Yamnitz The Lesson Plans Page: http://www.LessonPlansPage.com - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC through port 80? - having problems
On Wed, Mar 20, 2002 at 02:35:22PM -0600, Kyle Yamnitz wrote: > > This *might* work on port 80 too (with -5820), but I haven't tried it > yet. I'm thinking it won't b/c wouldn't it have to go through the proxy > on port 80? I might try this tomorrow. You're probably right. If it goes through a proxy, then you can use that port for HTTP (normally 5800) but not RFB (normally 5900). -- Mike Ossmann, Tarantella/UNIX Engineer/Instructor Alternative Technology, Inc. http://www.alttech.com/ - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: The Next Generation display numbers
On Wed, Mar 20, 2002 at 01:59:07PM -0500, Alex K. Angelopoulos wrote: > Going one step further, it might be nice if the next > generation could also respond to HTTP queries on the same port by > attempting to serve an applet - assuming that would not introduce > excessive complexity or security issues into the server side of the > connection. Actually, it has already been done: http://home.earthlink.net/~jknapka/vncpatch.html At the beginning of a TCP stream, RFB clients wait for the server to send a version string whereas HTTP servers wait for a client to send a query string. With the above patch, the VNC server waits for a HTTP query from the client for a short time. If it times out (2 seconds, IIRC) then the server sends the RFB version and so forth. It adds a small delay to the very beginning of the RFB session, but it could be pretty handy. Tarantella does a similar thing for their firewall traversal feature. -- Mike Ossmann, Tarantella/UNIX Engineer/Instructor Alternative Technology, Inc. http://www.alttech.com/ - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Tight VNC CPU consumption
Having recently installed VNC 3.3.3r2 with the tight VNC patch vnc-3.3.3r2-unix-tight-1.2.2.patch, we are running into a fairly frequent problem where Xvnc consumes a lot of CPU time. This appears to be due to a tight polling loop involving: =>[1] _poll(0x0, 0x8, 0x0, 0x0, 0x0, 0x80), at 0xff217e74 [2] _select(0x7, 0x0, 0xff239164, 0xff239164, 0xffbeee38, 0xffbeed68), at 0xff1cb588 [3] httpCheckFds(0x1, 0x18e400, 0x179988, 0x0, 0x0, 0xffbeeea1), at 0xa41bc [4] ProcessInputEvents(0x1, 0x179984, 0x179988, 0x0, 0x199ff0, 0x0), at 0x94494 [5] Dispatch(0x3c, 0x175000, 0x94, 0x4, 0x198c00, 0x198d80), at 0x3a33c [6] main(0x158400, 0x18e400, 0xffbef28c, 0x14, 0x198c00, 0x175000), at 0x28550 We do not normally use the HTTP access mechanism, so my first hack is going to be to turn it off and see if that helps. However, if anyone can shed any light on this I'd be grateful. Oh yeah: this is on a Sparc Solaris 8 system, compiled with the SUN C compiler. Thanks. Bob Bramwell403/294-6528 voice #860, 815-8 Av SW Network Administrator 403/266-2620 faxCalgary, Alberta Simulutions, a division of TCEnet Inc. T2P 3P2, Canada. - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Tight VNC CPU consumption - again
My previous stack trace may have been an aberration. This one seems more typical: =>[1] _poll(0xffbee998, 0x9, 0xb741, 0xb3b0, 0x0, 0x1), at 0xff217e70 [2] _select(0x80, 0x0, 0xff239164, 0xff239164, 0x18e720, 0xffbee998), at 0xff1cb588 [3] WaitForSomething(0x198c00, 0x18e400, 0x18e68c, 0xb5b3b03d, 0x199ff0, 0x0), at 0x52458 [4] Dispatch(0x3c, 0x175000, 0x94, 0x4, 0x198c00, 0x198d80), at 0x3a34c [5] main(0x158400, 0x18e400, 0xffbef304, 0x14, 0x198c00, 0x175000), at 0x28550 I'll try not to mislead you again :-) - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: The Next Generation display numbers
Whoa... If you could do that there would be no need for any ports Only one thing can listen to a single port. This is not a *NIX issue -- it is a basic TCP/IP Networking 101 issue that affects all OS's. You can telnet to port 21 on a machine running FTP and see the welcome message just as you can telnet to port 590x on your VNC server which will respond with "RFB 003.003". You can't ALSO run a telnet service on either port 21 or 590x while running the other services, daemons, processes or whatever you like to call them on your platform. Your idea would require an RFB-enabled browser. Port 580x is used for HTTP and 590x for RFB only. The only way around this would be to run still another daemon (another program/transport layer) on a specified port, say 570x, have it read the packet headers, and route packets across the TCP layer to the correct ports 580x and 590x on 127.0.0.1 for the respective services of HTTP and RFB. This would add considerable overhead and addition latency. It would likely complicate the lives of people running SSH tunnels as well. So it is possible, but not really practical. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Alex K. > Angelopoulos > Sent: Wednesday, March 20, 2002 12:59 PM > To: [EMAIL PROTECTED] > Subject: Re: The Next Generation display numbers > > > That 1-port-per display issue is one of the things that struck me as > particularly inelegant when I first encountered VNC; without knowing > anything about the technical details behind it, I am guessing > that it was > motivated by some shortcut taken to simplify the original > implementation. > Going one step further, it might be nice if the next > generation could also > respond to HTTP queries on the same port by attempting to > serve an applet - > assuming that would not introduce excessive complexity or > security issues > into the server side of the connection. > > Is that a theoretical possibility? The client currently looks for a > plain-text RFB version number being passed to it from the > server; I assume > something analogous is done by the server when connecting to > a listen-only > viewer. Since HTTP connections already do text requests, a > plain connection > attempt or one with a query keyword appended would seem to me > to be able to > communicate sufficient information for the server to decide > what to do. > > - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: The Next Generation display numbers
: Grant McDorman <[EMAIL PROTECTED]> : The problem is that VNC, on *nix systems, will always use a display : number for access by applications. If one drops the display number : for the VNC client connections, then we'll have *two* unrelated IDs : for the VNC server - the display number, and the VNC ID, whatever that : might be (port perhaps?). What, you don't like the -rfbport option of Xvnc? What's wrong with it? Needs to be uppercase or something? I agree that an unambiguous way to refer by port instead of by display number in a vncviewer would be nice; but it isn't all that unweildy now: if the number is over 100, it's a port. So again... just what do you propose should change, anyways? Or did you mean the WinDoze server? Wayne Throop [EMAIL PROTECTED] - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: Restricting access
TS access in administrative mode is actually governed by ACLs which you can adjust in the TS configuration snap-in, and via group policy. The security of the solution is better than the VNC solution, as the TS solution will only let you log in as yourself, and only grant access to disconnected desktops that you have permission to see (ie they're from your account). "Administrative" vs "application" - the major differences here is simply the way licensing works. Administrative mode does not install a license service and only allows 2 remote connections, and "application" mode installs the TS license service and allows as many connections as you have licenses for. To go to a Citrix style Program Neighborhood, where remote applications are displayed locally on the user's desktop, you have to go to Citrix. TS only does full screen access. This is okay as rdesktop doesn't support Citrix ICA connections anyway. Your second solution would also work. Andrew -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Michael Ossmann Sent: Thursday, 21 March 2002 4:42 AM To: [EMAIL PROTECTED] Subject: Re: Restricting access [snip] Doesn't Administration mode restrict access to users in an administrative group? Wouldn't it be just as insecure if everyone was an administrator? [snip] Another option would be to use some sort of gateway system. If VNC access is restricted to a particular Linux box, then you could run vncviewer fullscreen inside Xvnc -nevershared and have your users connect to that. Other convoluted possibilities abound. - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC Viewer under Solaris does not pass ctrl + mouse keys to host???
No problem. Though it would be better if you found that something else was the culprit. Not that TightVNC is bad or anything, quite the contrary, but it actually needs to be compiled for solaris. I ran into some problems, and have been referring friends to http://www.geocrawler.com/lists/3/SourceForge/17280/0/7281985/ http://www.geocrawler.com/lists/3/SourceForge/17280/0/7390815/ if they want to build VNC on solaris. No skating for me...wrestling with a thesis that's long overdue. Also, housing is very expensive up here, so one lives where one can, noisy or not. Has a big impact on focus and sanity. There's your negativity for the day. Are you a canuck migrated south, or just deal alot with Ottawa? Also, I took a closer look at your response. When you say things are OK after accessing the window manager (WM) directly, I'm not clear on what you mean. I start up the viewer a number of ways. I can either have a nonVNC desktop open e.g. via twm, then open up a viewer as a twm client. Most of the time, the desktop inside the viewer is also twm. Or I can log onto the console of a sunbox using failsafe mode, where I don't get any window manager, just a big white immobile box with a csh prompt inside. From that prompt, I can start a viewer (usually in fullscreen mode), which will not be a twm client. The (slight) problem occurs when the viewer *is* a twm client. I've set up twm so that the F4 key rotates the topmost window to the bottom. This gets interpretted by the twm process that is hosting the viewer. The twm process running for the desktop *inside* the viewer never gets to see the F4 key. That's the closest thing I can think of to the problem you describe. Anyway, good luck. Fred -- Fred Ma Department of Electronics Carleton University, Mackenzie Building 1125 Colonel By Drive Ottawa, Ontario Canada K1S 5B6 [EMAIL PROTECTED] == > Date: Wed, 20 Mar 2002 07:23:38 -0800 > From: Andrew Ward <[EMAIL PROTECTED]> > Subject: Re: VNC Viewer under Solaris does not pass ctrl + mouse keys to host??? > > Thanks Fred, > > I might try the tight VNC just to see what happens. > > The funny thing is that the viewer with the problem is running on the > same machine as the server and when I access the window manager > directly (fvwm2) there are no probs. > > Anyway thanls for your input. I hope you got in some skating on the > Rideau this year, but I hear Winterlude was pretty short. > > Regards > > - -Andrew Ward - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: [VNC] Transferring Files?
FTP program and server would work best probably. A more elegant solution might be VPN, but I'm assuming your locked out of that from behind your second firewall. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Kyle Yamnitz Sent: Wednesday, March 20, 2002 1:40 PM To: [EMAIL PROTECTED] Subject: [VNC] Transferring Files? Hi again, Now that I have VNC working, what's the best way for me to transfer files back and forth (win2k pro box is the server, win95 is the client)? There isn't a way to do this through VNC is there? Assuming no, what would you suggest that is easy to run and preferably free or cheap? Just an FTP program? Thanks in advance, --Kyle Yamnitz The Lesson Plans Page: http://www.LessonPlansPage.com - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: VNC through port 80? - having problems
Should be no reason you couldn't proxy the 5900 port also. I believe that that it precisely what vnc proxy does. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Michael Ossmann Sent: Wednesday, March 20, 2002 2:08 PM To: [EMAIL PROTECTED] Subject: Re: VNC through port 80? - having problems On Wed, Mar 20, 2002 at 02:35:22PM -0600, Kyle Yamnitz wrote: > > This *might* work on port 80 too (with -5820), but I haven't tried it > yet. I'm thinking it won't b/c wouldn't it have to go through the proxy > on port 80? I might try this tomorrow. You're probably right. If it goes through a proxy, then you can use that port for HTTP (normally 5800) but not RFB (normally 5900). -- Mike Ossmann, Tarantella/UNIX Engineer/Instructor Alternative Technology, Inc. http://www.alttech.com/ - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
New to VNC.
My ISP provides me with a home page as part of my service. Is it possible to use VNC to show a real time display of a windows program on my web site ? In other words, if I run a program in windows on my PC, is it possible to have that program window be displayed in real time on my personal web site ? I have a cable modem internet connection and use WinME. Basically, what I'm trying to do is this: I run a program called trunker.exe, which is used to show a live display of the frequency activity on a trunked radio system. I'd like to set it up so that while running the program, the window it runs in can be broadcasted over the internet on my web site, so that someone can log onto my personal home page and see a real time display of this program while it runs on my computer. Can this be done with VNC ? If not, is there any other way it can be done ? Thanks !! Ben Everett. [EMAIL PROTECTED] - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
ics
can somone please help me// im running ics and i want the client to get its own ip address.. im running Win98seplease help.. i want to use vnc SOOO badly _ **NOTE** this is a free web-based email service provided by Equal Vision Records. this email address does not belong to an employee of Equal Vision Records, nor are they associated with us in any way. **NOTE** Sign up for FREE email from Equal Vision Records at http://www.equalvision.com _ Run a small business? Then you need professional email like [EMAIL PROTECTED] from Everyone.net http://www.everyone.net?tag - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: New to VNC.
Can we say Major Bad Idea? Aside from the fact that VNC does not work like that, you would be inviting every cracker in the world in to your pc. Not sure teh right way to do what you want. But sounds more like a stream cast of some kind might be teh way to go. Evan On Wed, 20 Mar 2002 18:53:27 -0500 "Trunktracker" <[EMAIL PROTECTED]> wrote: > My ISP provides me with a home page as part of my service. Is it possible > to use VNC to show a real time display of a windows program on my web site ? > In other words, if I run a program in windows on my PC, is it possible to > have that program window be displayed in real time on my personal web site ? > I have a cable modem internet connection and use WinME. > > Basically, what I'm trying to do is this: I run a program called > trunker.exe, which is used to show a live display of the frequency activity > on a trunked radio system. I'd like to set it up so that while running the > program, the window it runs in can be broadcasted over the internet on my > web site, so that someone can log onto my personal home page and see a real > time display of this program while it runs on my computer. > > Can this be done with VNC ? If not, is there any other way it can be done ? > Thanks !! > > Ben Everett. > [EMAIL PROTECTED] > - > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC server in Java
The VNC server is not in Java. There is a Java Client. Is this what you are looking for? It is include with the VNC tarball/RPM. Evan On 20 Mar 2002 20:22:34 - "kiran chandramohan" <[EMAIL PROTECTED]> wrote: > sir > > I am a student of Computer engineering in college of > engineering, chengannur,kerala. > > We are going to do our project this semester. VNC is our topic. > Can you kindly inform from where we can download the source code > for VNC server for linux in Java. > > regards > Kiran > - > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: New to VNC.
>But sounds more like a stream cast of some kind might be teh way to go. > Evan Any ideas where I could get this stream cast ? Thanks. Ben Everett [EMAIL PROTECTED] . - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: New to VNC.
Ben, a "stream cast" is a general term. For instance, web-cams and real-player can use a stream cast to get the data to the client. Ultimately though, I agree with Evan, this would be a bad idea. If your still insisting on doing this, you may be able to do something with Citrix, but understand that none of these technologies are hack-proof, and unless you get something that is specifically tailored to this task, you may find that you give internet users access to USE your computer rather then just look at an application. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Trunktracker Sent: Wednesday, March 20, 2002 6:26 PM To: [EMAIL PROTECTED] Subject: Re: New to VNC. >But sounds more like a stream cast of some kind might be teh way to go. > Evan Any ideas where I could get this stream cast ? Thanks. Ben Everett [EMAIL PROTECTED] . - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: New to VNC.
Okay, well thanks for yur help. Perhaps I'll just set up a web cam. Ben Everett. [EMAIL PROTECTED] > Ben, a "stream cast" is a general term. For instance, web-cams and > real-player can use a stream cast to get the data to the client. > Ultimately though, I agree with Evan, this would be a bad idea. If your > still insisting on doing this, you may be able to do something with > Citrix, but understand that none of these technologies are hack-proof, > and unless you get something that is specifically tailored to this task, > you may find that you give internet users access to USE your computer > rather then just look at an application. - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
RE: New to VNC.
Unfortunatly, that would have a hard time working as well. Computer Screens flicker when put in front of a camera, although I imagine that a good camera and a good monitor could keep the flicker to a minimum. What you really need to do automate the HTML saving system and have it deploy these updates to your website automatically in HTML format. I know that Trunker 2001 can output this information and you can probably use a tool like WinBatch (www.winbatch.com) to help you automate the export. This is the simplest way to do it with little to no programming knowledge. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Trunktracker Sent: Wednesday, March 20, 2002 7:48 PM To: [EMAIL PROTECTED] Subject: Re: New to VNC. Okay, well thanks for yur help. Perhaps I'll just set up a web cam. Ben Everett. [EMAIL PROTECTED] > Ben, a "stream cast" is a general term. For instance, web-cams and > real-player can use a stream cast to get the data to the client. > Ultimately though, I agree with Evan, this would be a bad idea. If your > still insisting on doing this, you may be able to do something with > Citrix, but understand that none of these technologies are hack-proof, > and unless you get something that is specifically tailored to this task, > you may find that you give internet users access to USE your computer > rather then just look at an application. - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Varying displays?
say I have 2 users, fryguy and bonzo, and each one has export display=:x in there .xsession file. How can I make it so that the .xsession file knows which display the right server is running on? I'm having the users ssh in and running the server themselves, since I don't want it running all the time. so when one runs vncserver, I need someway to tell ~/.xsession which display they are using. What other solutions do I have? This isn't for a large amount of users, probably less than 5 and most certainly less than 10, so could it be possible to just deny access to vncserver and keep the necessary servers running all of the time? how much resources does it take up idle? and how much bandwidth? - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC server in Java
Hi Kiran, We are also in the process of simulating and enhancing WinVnc server and client, but under windows environment. If you are intrested let me know. regards >From: "kiran chandramohan" <[EMAIL PROTECTED]> >Reply-To: [EMAIL PROTECTED] >To: [EMAIL PROTECTED] >Subject: VNC server in Java >Date: 20 Mar 2002 20:22:34 - > >sir > > I am a student of Computer engineering in college of >engineering, chengannur,kerala. > >We are going to do our project this semester. VNC is our topic. >Can you kindly inform from where we can download the source code >for VNC server for linux in Java. > >regards >Kiran >- >To unsubscribe, mail [EMAIL PROTECTED] with the line: >'unsubscribe vnc-list' in the message BODY >See also: http://www.uk.research.att.com/vnc/intouch.html >- With Regards, Saravanan [EMAIL PROTECTED] _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
Receiving Hooks from all the applications
Hello, I saw that there is a problem at the hooks DLL with receiving hooks event from all the applications on the desktop. The hooks I get are only from the vinvnc exe . Does any one knows what the problem can be? And how to get the hooks from all the applications . Thanks, Naama _ Chat with friends online, try MSN Messenger: http://messenger.msn.com - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
