Bundled software co - shipped is copyright and licensed by others. See these sites and related ones for more information :. Note : Some of the binaries included contain cryptographic software that. Please check. See the. All work done by Karl J. Runge in this project is.
Runge and is licensed under the GPL as. All the files and information in this project are provided "AS IS". Use them at your own risk. This bundle contains a convenient collection of enhanced TightVNC. Automatic SSL and. SSH encryption tunnelling is provided. Launch ssvnc. It is a self - contained bundle , you could carry it around on , say ,. Unix , Mac , or Windows. Features :. The enhanced TightVNC viewer features are :. Viewer e.
VNC servers on your local network if the avahi - browse or dns - sd. In addition. ZRLE to improve compression of motion video and photo regions. Both UltraVNC and x11vnc servers support these. Note that the x11vnc server supports. ARC4 and. Any server using the same. Popup dialog asking whether to accept the connection or not. This will "hide" the large pixel buffer cache. Set to actual height or use - 1 for.
One can also pan move. Default assumes you are using SSH tunnel. The list of software bundled in the archive files :. TightVNC Viewer windows , unix , macosx. Chicken of the VNC Viewer macosx. Stunnel windows , unix , macosx. OpenSSL windows. These are all self - contained in the bundle directory : they will not be. Just un - zip or un - tar the file you downloaded. Quick Start :. Unix and Mac OS X :. Inside a Terminal do something like the following.
Unpack the archive :. Run the GUI :. Then our. Control-h will toggle between the two modes. Or click "Terminal Services" under Options. Control-t will toggle between the two modes. There is no standard install for the bundles, but you can make. For the conventional source tarball it will compile and install, e. Unzip, using WinZip or a similar utility, the zip file:.
You can make a Windows shortcut to this program if you want to. Control-t will toggle. But then. We recommend to not copy. Rather, extract. If you must put a launcher file down in "Program Files", perhaps an. Terminal Services Mode. There is an even simpler mode that uses x11vnc on the remote side for the. Bundle Info :. It contains these programs to launch the GUI :. Your bundle file should have included binaries for many OS 's: Linux,.
Solaris, FreeBSD, etc. Unpack your archive and see the subdirectories of. Note: there will be a 2nd SSL helper process that will not switch, but it is only encoding and decoding the encrypted stream at that point. NOTE: The option "-find" is an alias for this mode.
To have this default script printed to stdout e. If your X server s have a login greeter that exclusively grabs the Xserver, then xdpyinfo blocks forever and this mode will not work. See www. This is usually done in -inetd mode to run on, say, port and allow the Java vncviewer to be downloaded by client web browsers. The ":" is optional. Ranges n-m e. On some systems lsof 1 can be very slow. Set the env. This is the only time x11vnc tries to actually start up an X server.
NOTE: The option "-create" is an alias for this mode. Xdummy only works on Linux. Xvfb is available on most platforms and does not require root. When x11vnc exits i. The user must exit the X session in the usual way for it to terminate or kill the X server process if all else fails.
This can be used from, say, inetd 8 to provide a means of definitely getting a desktop either real or virtual on the machine. If for some reason you do not want x11vnc to ever try to find an existing display set the env. You can specify the preferred X server order via e. The the case "X" means try to start up a real, hardware X server using xinit 1 or startx 1. If there is already an X server running the X case may only work on Linux see startx 1.
You can make this be a wrapper script if you like it must handle :N, -geometry, and -depth and other X server options. The user will have to supply his username and password one more time but he gets to select his desktop type so that can be useful. This seems to be: for gdm in gdm. If you set the env.
In this case it will start up Xvnc as above if needed, but instead of polling it in its normal way, it simply does a socket redirection of the connected VNC viewer to the Xvnc. So in Xvnc. This should be faster then x11vnc's polling method, but not as fast as connecting directly to the Xvnc with the VNC Viewer. Most of x11vnc's options do not apply in this mode. To control when and how VeNCrypt is used, specify the mode string. If mode is "never", then VeNCrypt is not used.
If mode is "support" the default then VeNCrypt is supported. If mode is prefixed with "nodh:", then Diffie Hellman anonymous key exchange is disabled. If mode is prefixed with "nox", then X key exchange is disabled. To disable all Anonymous Diffie-Hellman access susceptible to Man-In-The-Middle attack you will need to supply "-vencrypt nodh:support -anontls never" or "-vencrypt nodh:only" If mode is prefixed with "newdh:", then new Diffie Hellman parameters are generated for each connection this can be time consuming: secs; see -dhparams below for a faster way rather than using the fixed values in the program.
Using fixed, publicly known values is not known to be a security problem. Otherwise in -unixpw mode the normal login panel is provided. The -vencrypt option only fine-tunes its operation. If mode is "only", then the similar VeNCrypt protocol is not simultaneously supported.
If mode is prefixed with "newdh:", then new Diffie Hellman parameters are generated for each connection this can be time consuming: secs; see -dhparams below for a faster way rather than using the fixed values in the program. This setting applies to VeNCrypt as well. See the description of "plain:" under -vencrypt. The -anontls option only fine-tunes its operation. You must also supply the -ssl If so, use the parameters in "file".
By default a fixed set is used. If you do not want to do that you can specify "newdh:" to the -vencrypt and -anontls options to generate a new set each session. If that is too slow for you, use -dhparams file to a set you created manually via "openssl dhparam -out file " -nossl Disable the -ssl option see below.
This requires libssl support to be compiled into x11vnc at build time. If x11vnc is not built with libssl support it will exit immediately when -ssl is prescribed. See the -stunnel option below for an alternative. The connecting VNC viewer SSL tunnel can at its option authenticate this server if it has the public key part of the certificate or a common certificate authority, CA, is a more sophisticated way to verify this server's cert, see -sslGenCA below.
This authentication is done to prevent Man-In-The-Middle attacks. If [pem] is empty or the string "SAVE" then the openssl 1 command must be available to generate the certificate the first time. On subsequent calls if that file already exists it will be used directly.
However in -inetd and -bg modes there will be no prompting for a passphrase in either case. If [pem] is "TMP" and the openssl 1 utility command exists in PATH, then a temporary, self-signed certificate will be generated for this session. If openssl 1 cannot be used to generate a temporary certificate x11vnc exits immediately.
The temporary cert will be discarded when x11vnc exits. If successful in using openssl 1 to generate a temporary certificate in "SAVE" or "TMP" creation modes, the public part of it will be displayed to stderr e. For such binaries, consider using the -stunnel option for SSL encrypted connections. In some situations i.
Set to zero to poll forever. Set to a negative value to use the builtin setting. The default timeout for that is 20sec. Useful when scripting SSL connections e. This can be used as a method to replace standard password authentication of clients. If "path" is a directory it contains the client or CA certificates in separate files.
If path is a file, it contains one or more certificates. See special tokens below. See the stunnel 8 manpage for details. Then you can point -sslverify to the HASH subdir. As a kludge, use a token like.. Note that if the "CA" cert is loaded you do not need to load any of the certs that have been signed by it.
You will need to load any additional self-signed certs however. Examples: x11vnc -ssl -sslverify CA x11vnc -ssl -sslverify self:fred,self:jim x11vnc -ssl -sslverify CA,clients Usually "-sslverify CA" is the most effective. CA management is not needed.
That way the administrator could generate a single CA key with -sslGenCA and distribute its certificate part to all of the workstations. Optionally, the admin could also make it so the VNC clients themselves are authenticated to x11vnc -sslGenCert client On the VNC client side, they will need to be "imported" somehow.
This setting applies for both -ssl and -stunnel modes. See the OpenSSL and stunnel 8 documentation for more info. This option only applies if -sslverify has been supplied: it checks for revocation along the certificate chain used to verify the VNC client. The -sslCRL setting will be ignored when -sslverify is not specified. Only rarely will one's x11vnc -ssl infrastructure be so large that this option would be useful since normally maintaining the contents of the -sslverify file or directory should be enough.
To create a CRL file with revoked certificates the commands 'openssl ca -revoke This command also creates directories where server and client certs and keys will be stored. The openssl 1 program must be installed on the system and available in PATH. You will be prompted for information to put into the CA certificate.
The info does not have to be accurate just as long as clients accept the cert for VNC connections. You will also need to supply a passphrase of at least 4 characters for the CA private key. One will need to "import" this certificate in the applications, e. Web browser, Java applet plugin, stunnel, etc. Next, you can create and sign keys using the CA with the -sslGenCert option below.
After the Certificate is generated x11vnc exits; the VNC server is not run. The type of key to be generated is the string "type". It is either "server" i. Note that typically only "server" is used: the VNC clients authenticate themselves by a non-public-key method e. VNC or unix password. An arbitrary default name you want to associate with the key is supplied by the "name" string.
You can change it at the various prompts when creating the key. If name is left blank for clients keys then "nobody" is used. If left blank for server keys, then the primary server key: "server. If "name" begins with the string "req:" then only a key. You can then send the. Thawte and then combine the. The distinction between "server" and "client" is simply the choice of output filenames and sub-directory. And similarly makes it easy for the -sslverify option to pick up your client certs. There is nothing special about the filename or directory location of either the "server" and "client" certs.
You can rename the files or move them to wherever you like. Note you cannot recreate a cert with exactly the same distiguished name DN as an existing one. Similar to -sslGenCA, you will be prompted to fill in some information that will be recorded in the certificate when it is created. Tip: if you know the fully-qualified hostname other people will be connecting to, you can use that as the CommonName "CN" to avoid some applications e. You will also need to supply the CA private key passphrase to unlock the private key created from -sslGenCA.
This private key is used to sign the server or client certificate. The "server" certs can be used by x11vnc directly by pointing to them via the -ssl [pem] option. This one would be used by simply typing -ssl SAVE. The pem file contains both the certificate and the private key. Once that is done you can delete the "client" private key file on this machine since it is only needed on the VNC viewer side.
The, e. NOTE: It is very important to know one should generate new keys with a passphrase. Otherwise if an untrusted user steals the key file he could use it to masquerade as the x11vnc server or VNC viewer client. You will be prompted whether to encrypt the key with a passphrase or not. It is recommended that you do. One inconvenience to a passphrase is that it must be typed in EVERY time x11vnc or the client app is started up.
For that key to be used e. The "SAVE" notation described under -ssl applies as well. After the Key file is encrypted the x11vnc command exits; the VNC server is not run. In addition the public certificate is also printed. The openssl 1 program must be in PATH. Basically the command "openssl x -text" is run on the pem. After the info is printed the x11vnc command exits; the VNC server is not run. Giving a client or server cert shortname will also try a lookup e.
This is a useful way for other OpenSSL applications e. The scripts are printed to stdout and then the x11vnc program exits. This external tunnel method was implemented prior to the integrated -ssl encryption described above. It still works well and avoids the requirement of linking with the OpenSSL libraries.
This mode requires stunnel to be installed on the system and available via PATH n. Version 4. See the -ssl option for more info on certificate files. Whether or not your stunnel has its own certificate depends on your stunnel configuration; stunnel often generates one at install time. See your stunnel documentation for details. In any event, if you want to use this certificate you must supply the full path to it as [pem].
Note: the file may only be readable by root. If [pem] is not supplied, "SAVE" is assumed. The -localhost option is enforced by default to avoid people routing around the SSL channel. Unfortunately not too many do this. See the information about SSL viewers under the -ssl option. Note that for the Java viewer applet usage the "? In general, it is also not too difficult to set up an stunnel or other SSL tunnel on the viewer side.
A simple example on Unix using stunnel 3. NOTE: It is recommended that you use SSL via the -ssl option instead of this option because SSL is well understood and takes great care to establish unique session keys and is more compatible with other software. Or if you must interface with a symmetric key tunnel that you do not have control over. See the OpenSSL documentation for more info. The keysize is bits except for aes Example: -enc blowfish:.
The other side must read these and initialize their cipher with them. These values make the session key unique without them the security is minimal. Similarly, the other side must send us its random salt and IV with those same lengths. The cipher is then seeded with keystr and uses the random initialization vector as its first block. To modify the amount of random salt and initialization vector use cipher n,m where n is the salt length and m the initialization vector length.
The cipher 1st arg is basically the same syntax as we use above. For both ways of using the viewer, you can specify the salt,ivec sizes in GUI or, e. GET is taking place and handle it accordingly. The URL would be, e.
However, this heuristic adds a few seconds delay to each connection and can be unreliable especially if the user takes much time to ponder the Certificate dialogs in his browser, Java VM, or VNC Viewer applet.
That's right 3 separate "Are you sure you want to connect? If [port] is not provided or is 0 , one is autoselected. The URL to use is printed out at startup. The SSL Java applet directory is specified via the -httpdir option. If not supplied, -https will try to guess the directory as though the -http option was supplied.
For example, one could redir from mygateway. This option does not work in -stunnel mode. As mentioned above, this mode will NOT work with the -ssl, -stunnel, or -enc encryption options. Note that is it equivalent to '-enc none' i. This mode could also be useful for SSH tunnels since it means only one port needs to be redirected. The -httpsredir option may also be useful for this mode when using an SSH tunnel as well as for router port redirections. By default the remote sshd is usually configured to listen only on localhost for rport, so the viewer may need to ssh -L redir to "host" as well See SSVNC to automate this.
The sshd setting GatewayPorts enables listening on all interfaces for rport; viewers can reach it more easily. If disp is greater than the value is used as the port. Use a negative value to force a low port, e. By default the remote ssh will issue a 'sleep ' to wait for the incoming connection for 5 mins. If the remote SSH server is on a non-standard port i. It tries by looking at ps 1 output.
If x11vnc is not running as root this option is ignored. Why use this option? In general it is not needed since x11vnc is already connected to the X display and can perform its primary functions. In particular under GNOME and KDE to implement the "-solid color" feature external commands gconftool-2 and dcop unfortunately must be run as the user owning the desktop session. Since this option switches userid it also affects the userid used to run the processes for the -accept and -gone options.
It also affects the ability to read files for options such as -connect, -allow, and -remap and also the ultra and tight filetransfer feature if enabled. Note that the -connect file is also sometimes written to. So be careful with this option since in some situations its use can decrease security. In general the switch to a user will only take place if the display can still be successfully opened as that user this is primarily to try to guess the actual owner of the session.
Example: "-users fred,wilma,betty". What happens next? Under display managers it may be a long time before the switch succeeds i. The latter i. Use the following notation to associate a group with a user: user1. Note that initgroups 2 will still be called first to try to switch to ALL of a user's groups primary and additional groups. Only if that fails or it is not available then the single group specified as above or the user's primary group if not specified is switched to with setgid 2.
This sort of setting is only really needed to make the ultra or tight filetransfer permissions work properly. Otherwise a user may be able to log in as another. This command can be of use in checking: "openssl x -text -in file. That user needs to be able to open the X display and any files of course. So it "lurks" waiting for anyone to log into an X session and then connects to it. To enable a different searching mode, if the first user in the list is something like ":0" or "" that indicates a range of DISPLAY numbers that will be tried regardless of whether they are in the utmpx database for all users that are logged in.
Also see the "-display WAIT They are not recommended for use on machines with untrustworthy local users. Remote displays can be polled this way: be careful this can use large amounts of network bandwidth. This is also of use if the local machine has a limited number of shm segments and -onetile is not sufficient.
Ignored unless -noshm is set. Limits shm segments used to 3. To disable any automatic shm reduction set the env. The [color] is optional: the default color is "cyan4". For a different one specify the X color rgb. This also works on native MacOSX. Other desktops won't work, send us the corresponding commands if you find them. If x11vnc guesses your desktop incorrectly, you can force it by prefixing color with "gnome:", "kde:", "cde:", "xfce:", or "root:". Update: -solid no longer works on KDE4.
This mode works in a limited way on the Mac OS X Console with one color 'kelp' using the screensaver writing to the background. If one of the items on the list is the string "noptr" the mouse pointer will not be allowed to go into a blacked out region. Use "-noxwarppointer" if you do not want this.
For use on legacy systems, e. See the xrandr 1 manpage and run 'xrandr -q' for more info. It is best to be viewing with a vncviewer that supports the NewFBSize encoding, since it knows how to react to screen size changes. Otherwise, LibVNCServer tries to do so something reasonable for viewers that cannot do this portions of the screen may be clipped, unused, etc. If a resize event is received, the full -xrandr mode is enabled. To disable even checking for events supply: -noxrandr.
This mode could be useful on a handheld with portrait or landscape modes that do not correspond to the scanline order of the actual framebuffer. If you do not want the cursor shape to be rotated prefix "string" with "nc:", e. Shortly afterwards the framebuffer is replaced with the real one.
This is intended for use with vncviewers that do not support NewFBSize and one wants to make sure the initial viewer geometry will be big enough to handle all subsequent resizes e. In -unixpw mode this sets the size of the login screen. Use "once:WxH" it ignore padgeom after the login screen is set up. Same as "-logfile file". To append to the file use "-oa file" or "-logappend file". This option could be useful by wrapper script to detect when x11vnc is ready.
The file is created at startup if it does not already exist or if "file" is prefixed with "create:". If the file is created, the x11vnc PID is placed in the file. Otherwise the files contents is not changed. Use prefix "nocreate:" to prevent creation. This is a convenience utility to avoid shell script wrappers, etc.
You may specify as many of these as needed on the command line. Same as -copying and -warranty. The -quiet option does not eliminate all informational output, it only reduces it. It is ignored in most auxiliary usage modes, e. Messages to stderr are lost unless -o logfile is used. Also useful in resolving cases where a Keysym is bound to multiple keys e. Default: -modtweak If you are having trouble with with keys and -xkb or -noxkb, and similar things don't help, try -nomodtweak.
On some HP-UX systems it is been noted that they have an odd keymapping where a single keycode will have a keysym, e. You can check via "xmodmap -pk" or the -dk option. The failure is when you try to type " " it yields "3".
This is powerful and should be tried if there are still keymapping problems when using -modtweak by itself. The default is to check whether some common keysyms, e. To disable this automatic detection use -noxkb. When -xkb mode is active you can set these env. They apply only when there is ambiguity as to which key to choose i. If it is do not artificially press Shift to generate the keysym. If one side has CapsLock on and the other off and the keyboard is not behaving as you think it should you should correct the CapsLock states hint: pressing CapsLock inside and outside of the viewer can help toggle them both to the correct state.
Also try -nomodtweak for a possible workaround. Nevertheless your capitalized letters come in over the wire and are applied correctly to the x11vnc-side X server. Note this mode probably won't do what you want in -nomodtweak mode. See also -capslock above. Perhaps these are keycodes not on your keyboard but your X server thinks exist.
Currently only applies to -xkb mode. Run 'xmodmap -pk' to see your keymapping. Only use this option if you observe problems with some keystrokes. Added Keysyms will be removed periodically and also when x11vnc exits. The Lock modifiers are skipped. Used to clear the state if the display was accidentally left with any pressed down. Format is one pair of Keysyms per line can be name or hex value separated by a space. If no file named "string" exists, it is instead interpreted as this form: key1-key2,key3-key4, To map a key to a button click, use the fake Keysyms "Button1", This way those little used keys can be used to generate bigger hops than the Up and Down arrows provide.
One can scroll through text or web pages more quickly this way especially if x11vnc scroll detection is active. Use Button44, Button12, etc. To disable a keysym i. Dead keys: "dead" or silent, mute keys are keys that do not produce a character but must be followed by a 2nd keystroke.
This is often used for accenting characters, e. Note that this interpretation is not part of core X11, it is up to the toolkit or application to decide how to react to the sequence. However some VNC viewers send the keysyms "grave", "acute" instead thereby disabling the accenting.
To work around this -remap can be used. Additional remaps may also be supplied via commas, e. This works around a repeating keystrokes bug triggered by long processing delays between key down and key up client events: either from large screen changes or high latency. Default: -norepeat You can set the env. Note: your VNC viewer side will likely do autorepeating, so this is no loss unless someone is simultaneously at the real X display.
Use "-norepeat N" to set how many times norepeat will be reset if something else e. X session manager undoes it. The default is 2. Use a negative value for unlimited resets. Intended for use with Win2VNC and x2vnc dual-monitor setups. To work around apps setting the selection too frequently and messing up the other end. You can actually supply a comma separated list of directions, including "debug" to turn on debugging output.
The "mode" string is optional and is described below. The default is to show some sort of cursor shape s. How this is done depends on the VNC viewer and the X server. Use -nocursor to disable cursor shapes completely. Some VNC viewers support the TightVNC CursorPosUpdates and CursorShapeUpdates extensions cuts down on network traffic by not having to send the cursor image every time the pointer is moved , in which case these extensions are used see -nocursorshape and -nocursorpos below to disable.
For other viewers the cursor shape is written directly to the framebuffer every time the pointer is moved or changed and gets sent along with the other framebuffer updates. In this case, there will be some lag between the vnc viewer pointer and the remote cursor position. If the X display supports retrieving the cursor shape information from the X server, then the default is to use that mode.
A similar overlay scheme is used on IRIX. Xorg e. This can be disabled with -nocursor, and also some values of the "mode" option below. Note that under XFIXES cursors with transparency alpha channel will usually not be exactly represented and one may find Overlay preferable. See also the -alphacut and -alphafrac options below as fudge factors to try to improve the situation for cursors with transparency for a given theme.
The "mode" string can be used to fine-tune the displaying of cursor shapes. It can be used the following ways: "-cursor arrow" - just show the standard arrow nothing more or nothing less. Some desktops such as GNOME cover up the root window completely, and so this will not work, try "X1", etc, to try to shift the tree depth.
On high latency links or slow machines there will be a time lag between expected and the actual cursor shape. This is a complete hack, but may be useful in some situations because it provides a little more feedback about the cursor shape.
This is useful if you want to be able to see Drag-and-Drop cursor icons, etc. Note: To work around a crash in Xorg 1. The Xorg crash occurred right after a Display Manager e. GDM login. Starting with x11vnc 0. This option sets n as a cutoff for cursors that have transparency "alpha channel" with values ranging from 0 to Any cursor pixel with alpha value less than n becomes completely transparent.
Otherwise the pixel is completely opaque. Default -alphafrac fraction With the threshold in -alphacut some cursors will become almost completely transparent because their alpha values are not high enough. For those cursors adjust the alpha threshold until fraction of the non-zero alpha channel pixels become opaque. Default 0. Specify this option to remove the alpha factor. The default is to send it. The alphablend effect will only be visible in -nocursorshape mode or for clients with cursorshapeupdates turned off.
However there is a hack for 32bpp with depth 24, it uses the extra 8 bits to store cursor transparency for use with a hacked vncviewer that applies the transparency locally. See -cursor above. Other clients will be able to see the pointer motions. Use this as a workaround if the pointer motion behaves incorrectly, e. To prevent this, use -noxwarppointer.
Recent gui toolkits gnome have problems with x11vnc's original mouse input injection method. So x11vnc's mouse input injection method has been modified. Then x11vnc will always force positioning the mouse to the x,y position even if that position has not changed since the previous VNC input event. The first place this problem was noticed was in gnome terminal: if you pressed and released mouse button 3, a menu was posted and then its first element 'New Terminal Window' was activated.
This was because x11vnc injected the mouse position twice: once on ButtonPress and again on ButtonRelease. The toolkit interpreted the 2nd one as mouse motion even though the mouse hadn't moved. So now by default x11vnc tries to avoid injecting the 2nd one.
Note that with the new default x11vnc will be oblivious to applications moving the pointer warping or the user at the physical display moving it. So it might, e. Note: mapping of button clicks to Keysyms may not work if -modtweak or -xkb is needed for the Keysym. Workaround: use -buttonmap IJ Greatly improves response on slow setups, but you lose all visual feedback for drags, text selection, and some menu traversals.
Framebuffer memory "n" an integer times that of the full display is allocated below the actual framebuffer to cache screen contents for rapid retrieval. Use 0 to disable. The "n" is actually optional, the default is Also, "-nonc" is the same as "-ncache 0" This is an experimental option, currently implemented in an awkward way in that in the VNC Viewer you can see the pixel cache contents if you scroll down, etc.
So you will have to set things up so you can't see that region. If this method is successful, the changes required for clients to do this less awkwardly will be investigated. Note that this mode consumes a huge amount of memory, both on the x11vnc server side and on the VNC Viewer side.
As a rule of thumb, note that x at depth 24 is about 5MB of pixel data. For reasonable response when cycling through 4 to 6 large e. Because of the way window backingstore and saveunders are implemented, n must be even. It will be incremented by 1 if it is not. Another is the window iconification animations need to be avoided see -macicontime. It appears the that the 'Scale' animation mode gives better results than the 'Genie' one.
Also, window event detection not as accurate as the X version. The wireframe will still be used when moving a window whose save-unders has not yet been set or has been invalidated. Some VNC Viewers provide better response than others with this option. On Unix, realvnc viewer gives smoother drags than tightvnc viewer.
Response may also be choppy if the server side machine is too slow. Sometimes on very slow modem connections, this actually gives an improvement because no pixel data at all not even the box animation is sent during the drag. The default is to assume it does, and so at the beginning of any wireframe, etc, window moves the window will be pushed to top in the VNC viewer.
The default is to try to guess and when detected try to make the transistion more smoothly. For other window managers or desktops that provide animations, effects, compositing, translucency, etc. This can be used to try to improve the situation with dropshadows or other compositing e.
MacOS X window manager , although it could make things worse. This is based completely on heuristics and may not always work: it depends on your window manager and even how you move things around. If you don't specify enough commas, the trailing parameters are set to their defaults. This is a speedup to quickly exclude a window from being wireframed: set them all to zero to not try the speedup scrolling and selecting text will likely be slower.
It can be "0" or "none" to skip it, "1" or "all" to apply it to any modifier, or "Shift", "Alt", "Control", "Meta", "Super", or "Hyper" to only apply for that type of modifier key. If a slow link is detected, these values may be automatically changed to something better for a slow link.
Use this option to disable this behavior. This is the VNC CopyRect encoding: the framebuffer update doesn't need to send the actual new image data. Shorter aliases: -wcr [mode] and -nowcr "mode" can be "never" same as -nowirecopyrect to never try the copyrect, "top" means only do it if the window was not covered by any other windows, and "always" means to translate the orginally unobscured region this may look odd as the remaining pieces come in, but helps on a slow link.
Default: "always" Note: there can be painting errors or slow response when using -scale so you may want to disable CopyRect in this case "-wirecopyrect never" on the command line or by remote-control. Or you can also use the "-scale xxx:nocr" scale option. Specify multiple times for more output. Or scrolling with a scrollbar or mouse wheel. Shorter aliases: -scr [mode] and -noscr This scheme will not always detect scrolls, but when it does there is a nice speedup from using the VNC CopyRect encoding see -wirecopyrect.
On the other hand, it may induce undesired transients e. These are automatically repaired in a short period of time. If this is unacceptable disable the feature with -noscrollcopyrect. Both of these are modifier keys, and so should not generate characters when pressed by themselves. Also, your VNC viewer may have its own refresh hot-key or button. Default: "always" Note: there can be painting errors or slow response when using -scale so you may want to disable CopyRect in this case "-scrollcopyrect never" on the command line or by remote-control.
This is to avoid wasting the effort on small rectangles that would be quickly updated the normal way. We want to be sure to skip the small scrollbar and get the large panel. Some applications implement their scrolling in strange ways where the XCopyArea, etc, also applies to invisible portions of the window: if we CopyRect those areas it looks awful during the scroll and there may be painting errors left after the scroll.
Use " " to denote the start of the application class e. If a pattern is prefixed with "KEY:" it only applies to Keystroke generated scrolls e. Up arrow. Default: Soffice. One probably wants to have application specific lists e. If "list" begins with the "-" character the list is taken as an exclude list: all keysyms except those list will be considered. The special string "builtin" expands to an internal list of keysyms that are likely to cause scrolls.
For example an annoying transient under scroll detection is if you hit Enter in a terminal shell with full text window, the solid text cursor block will be scrolled up. So for a short time there are two or more block cursors on the screen. There are similar scenarios, e. These transients are induced by the approximation of scroll detection e.
In nearly all cases these transient errors are repaired when the true X framebuffer is consulted by the normal polling. But they are distracting, so what this option provides is extra "padding" near the bottom of the terminal window: a few extra lines near the bottom will not be scrolled, but rather updated from the actual X framebuffer.
This usually reduces the annoying artifacts. Use "none" to disable. A time per single scroll estimate is performed and if that estimate predicts a sustainable scrollrate of keys per second between "lo" and "hi" then repeated keys will be DISCARDED to maintain the scrollrate. If -wireframe overlaps it takes precedence. This is a speedup to quickly exclude a window from being watched for scrollcopyrect: set them all to zero to not try the speedup things like selecting text will likely be slower.
Hopefully you won't need this option, it is intended for cases when the -scrollcopyrect or -wirecopyrect features leave too many painting errors, but it can be used for any scenario. This option periodically performs costly operations and so interactive response may be reduced when it is on. C sets how long to wait after a CopyRect to repaint the full screen. X sets how frequently to reread the full X11 framebuffer from the X server and push it out to connected viewers.
Use of X should be rare, please report a bug if you find you need it. Specify it multiple times for more output. This is currently used by the -scrollcopyrect scheme and to monitor X server grabs. This is only if the whole-server grabbing application expects mouse or keyboard input before releasing the grab. It is usually a window manager that does this.
Or manually kill and restart the window manager if that is feasible. If you experience a lot of grab deadlock, please report a bug. The problem is pointer motion can cause rapid changes on the screen: consider the rapid changes when you drag a large window around opaquely. Neither x11vnc's screen polling and vnc compression routines nor the bandwidth to the vncviewers can keep up these rapid screen changes: everything will bog down when dragging or scrolling. So a scheme has to be used to "eat" much of that pointer input before re-polling the screen and sending out framebuffer updates.
The mode number "n" can be 0 to 4 and selects one of the schemes desribed below. From this, it aggressively tries to push screen "frames" when it decides it has enough resources to do so. The default n is 2. Also note that these modes are not available in -threads mode which has its own pointer event handling mechanism. Default: 10 -allinput Have x11vnc read and process all available client input before proceeding. Use the -speeds option to set these manually.
If a value is left blank, e. SunRay, shadowfb, dummy driver, Xvfb , the read rate may be much faster. It is up to you to estimate the network bandwith and latency to clients. For the latency the ping 1 command can be used. For convenience there are some aliases provided, e. The aliases are: "modem" for 6,4,; "dsl" for 6,,50; and "lan" for 6,,1 -wmdt string For some features, e. By default it tries to guess which one, but it can guess incorrectly.
Anything else is interpreted as "root". Same as -dp and -dk, respectively. Use multiple times for more output. Used to cut down on load. What this does is perform extra polls of the client socket at critical times before '-defer' and '-wait' calls. A downside of these extra calls is that more mouse input may be processed than desired.
Improves response, but increases the load whenever you are moving the mouse or typing. Default: 2. Some activities with no user input can slow things down a lot: consider a large terminal window with a long build running in it continuously streaming text output. By default x11vnc will try to detect this 3 screen polls in a row each longer than 0.
Use this option to disable that detection. For special purpose usage where a low frame rate is acceptable and desirable, but you want the user input processed at the normal rate so you cannot use -wait. Use this only if applications misbehave by not repainting themselves properly.
See also -noxdamage. Default: take naps -sb time Time in seconds after NO activity e. Default: 60 Set the env. On slow links that take a long time to paint the first screen LibVNCServer may hit the timeout and drop the connection. Default: 20 seconds. This interferes with x11vnc's polling of the framebuffer data. See the xset 1 manpage for details. DPMS reduced power monitor states are a good thing and you normally want the power down to take place usually x11vnc has no problem exporting the display in this state.
You probably only want to use "-nodpms" to work around problems with Screen Savers kicking on in DPMS low power states. Specifying "-nodpms" works around it. This is to prevent nosey people at the physical display from viewing what is on the screen.
Be sure to lock the screen before disconnecting. This method is far from bullet proof, e. On many machines if he floods it with keyboard and mouse input he can see flashes of what is on the screen before the DPMS off state is reestablished. For this to work securely there would need to be support in the X server to do this exactly rather than approximately with DPMS. This allows the VNC viewer to click a button that will cause the server x11vnc to try to disable keyboard and mouse input at the physical display and put the monitor in dpms powered off state.
Use this option to skip powering off the monitor. That way the person on the VNC viewer-side can chat with the person at the physical X11 console. The ssvncviewer is used as a chat window helper. To specify a different rfbversion, place it after the -chatwindow option on the cmdline. See also the remote control 'chaton' and 'chatoff' actions. These can also be set from the tkx11vnc GUI. Use -xdamage if your default is to have it off. So heuristics were introduced to skip large areas and use the damage rectangles only as "hints" for the traditional scanline polling.
The default 1. Increase it if there are problems or decrease it to live on the edge perhaps useful on a slow machine. For "ignore" LibVNCServer will handle the abrupt loss of a client and continue, for "exit" x11vnc will cleanup and exit at the 1st broken connection. This option is not really needed since LibVNCServer is doing the correct thing now for quite some time. However, for convenience you can use it to ignore other signals, e. You can also put "exit
|Ultravnc java viewer repeater watch||516|
|Ultravnc java viewer repeater watch||For both ways of using the viewer, you can specify the salt,ivec sizes in GUI or, e. Specify it multiple times for more output. Subse- quent re-connections will only only require the SSH login. Let us know if you find otherwise. This private key is used to sign the server or client certificate. In general, it is also not too difficult to set up an stunnel or other SSL tunnel on the viewer side.|
|Ultravnc java viewer repeater watch||Winscp wine|
|Glassdoor cisco software engineer staff salary||269|
|Ultravnc java viewer repeater watch||Here is an example script note it has a hardwired bogus password "abc"! This is often used for accenting characters, e. You can change it at the various prompts when creating the key. If it does, then the -ssl or -stunnel requirement will be dropped since it is assumed you are using ssh for the encrypted tunnelling. This is the default under "video" mode if the bpp is|
|Workbench dog holes spacing||Ultravnc max cpu|
|Vnc server serials||651|
|Search and replace mysql workbench import||Otherwise the part before "," is for normal clients and the part after for view-only clients. You will need to load any additional self-signed certs however. How to solve? Also try the -8to24 option to avoid flash altogether. This is a convenience utility to avoid shell script wrappers, etc. If mode is "only", then the similar VeNCrypt protocol is not simultane- ously supported. Up to 3 may be chained, separate them by commas in the order they are to be connected to.|
This article contains information that is outdated or no longer valid. You can edit this page to update it. You would have to forward 2 ports not including the viewer applet which adds another port each the default port for this is Well, what a VNC Repeater does, is you forward one port to it, and when it receives a viewer connection, it then forwards the port to the appropriate vnc server.
Thus, you can have many computers behind a NAT router and only have to forward one port. Full documentation on the repeater is available at ultravnc. You can either remove them or leave them as is. They will not appear in the next version. The serverport is the port on the lan side which the repeater will connect to the server on. You MUST use a vnc viewer that supports proxy servers in order to use this repeater. In order to use the repeater, your viewer must support a proxy server.
Makes Windows Vista, Windows 7 faster. Make sure this directory is writable by system no mapped folder. Any positive integer is valid. Zero indicates that no debugging information should be produced and is the default. A value of around will cause full debugging output to be produced. Log data may be output to a file or a console window or the MSVC debugger if the program was compiled with debugging active.
For testing purposes, or, potentially, when using multiple instances of WinVNC on Windows Terminal Server, this behaviour is undesirable. In some cases, it is preferable to only for connections originating from the local machine and aimed at the "localhost" adapter - a particular example is the use of VNC over SSH to provide secure VNC.
Without the tray icon you can't make realtime changes. You need to edit the ultravnc. Settings take efect after winvnc restart. This behaviour is undesirable when the server machine is being used as a shared workstation by several users or when remoting a single display to multiple clients for viewing, as in a classroom situation. This restriction was placed to ensure that misconfigured servers would not open security loopholes without the user realising.
If a server is only to be used on a secure LAN, however, it may be desirable to forego such checking and allow machines to have a null password.
VNCRobot is a free automated test tool based on a VNC client. VNC Thumbnail Viewer gives you the ability to connect to and watch multiple VNC servers at. UltraVNC (64bit). UltraVNC is a powerful, easy to use and free software that can display added support for new repeater with keepalive. -viewonly All VNC clients can only watch (default off). Also, in the x11vnc distribution, patched TightVNC and UltraVNC Java applet jar files are.