Re: [tlug] VNC, secure or better options?

[Curt Sampson <cjs@example.com>]

On 2008-06-30 00:26 +0900 (Mon), Dave M G wrote:

> 1. The VNC server on the Mythbuntu machine is on all the time. It is 
> password protected, and also I set the Firewall (with Firestarter) up to 
> only accept connections from the local IP address range. Is that good 
> enough for security? I've heard people say that VNC is not very secure.

You'd probably be better off, if you're running it all the time and
automatically accepting connections, to have it listen on localhost
only, and use ssh port forwarding for the connection. That will ensure
that only people who can log in to the box anyway can use it.

> 2. Since I'm accessing it over the local network, I'm wondering if VNC is 
> the best route. I'm wondering because it is kind of slow.

I'm wondering if this might be something related to the packge or the
configuration. VNC to an Ubuntu machine here at work is also annoyingly
slow, and oddy enough, using the machine directly at the console also
becomes slow when a vnc viewer is active. On the other hand, I set up an
Xvnc server (separate from my console) on my NetBSD box once in a while
and use VNC to access it, and it works much better.

If you just need to run specific programs, rather than have general
access to the desktop, and you're using a fast connection, you might
want to consider just ssh'ing into the machine with X11 forwarding
enabled, and running the program directly. It will be running on the
remote machine, but talking to your local X11 server. This is also quite
secure.

cjs
-- 
Curt Sampson       <cjs@example.com>        +81 90 7737 2974   
Mobile sites and software consulting: http://www.starling-software.com