Screen sharing and VNC

From MacFAQ

---+ Client software

Chicken of the VNC

---+ Server software

The [[1][Apple Remote Desktop]] client which is part of Mac OS X includes a VNC server. You'll need version 2.0 or newer. Go to System Preferences > Sharing > Apple Remote Desktop and turn it on. In Access Privileges tick the VNC box.

[[2][OSXvnc]] is the only other VNC server I'm currently aware of.

---+ Tunnelling VNC through SSH

One problem with VNC is that it transmits passwords in unencrypted text: a bad idea. To get round this you can open an SSH connection to the VNC server and pipe your VNC data through that.

---++ Set up the server

You can set up OSXvnc to allow only local connections.

In the terminal (this is assuming that you've put OSXvnc in the Applications folder):

sudo /Applications/OSXvnc.app/OSXvnc-server -rfbport 5901 -rfbauth /Applications/OSXvnc.app/.osxvncauth -localhost

This starts up the VNC server on port 5901, allowing only connections from localhost (i.e. it won't permit connections from other hosts on the Internet, or even on the LAN).

You can do the same thing from the OSXvnc graphical user interface - set the port and tick the "only allow local connections" box.

---++ Set up the client

We need to open up the SSH tunnel:

ssh -L 5901:127.0.0.1:5901 username@address.of.vnc.server

If the username on the client and server are the same you don't need to use "username@".

"-L 5901:127.0.0.1:5901" means "forward port 5901 on *your* computer (i.e. 127.0.0.1, also known as *localhost*) to port 5901 on the server".

Finally, in your VNC client connect as usual, with the difference that now you connect not using the address of the VNC server, but "localhost". The SSH tunnel will do the rest.