pages tagged vncFeeding the Cloudhttps://feeding.cloud.geek.nz/tags/vnc/Feeding the Cloudikiwiki2022-05-31T02:34:25ZUsing vnc to do remote tech support over high-latency networkshttps://feeding.cloud.geek.nz/posts/high-latency-vnc-tech-support/
<a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International License</a>
2022-05-31T02:34:25Z2014-03-02T00:00:00Z
<p>If you ever find yourself doing a bit of technical support for relatives
over the phone, there's nothing like actually seeing what they are doing on
their computer. One of the best tools for such remote desktop sharing is
<a href="https://en.wikipedia.org/wiki/Vnc">vnc</a>.</p>
<p>Here's the best setup I have come up with so far. If you have any
suggestions, please leave a comment!</p>
<h1 id="Basic_vnc_configuration">Basic vnc configuration</h1>
<p>First off, you need two things: a vnc server on your relative's
machine and a vnc client on yours. Thanks to vnc being
an <a href="https://en.wikipedia.org/wiki/RFB_protocol">open protocol</a>, there are
many choices for both.</p>
<p>I eventually settled on <a href="http://www.karlrunge.com/x11vnc/">x11vnc</a> for the
server and <a href="http://www.karlrunge.com/x11vnc/ssvnc.html">ssvnc</a> for the
client. They are both available in the standard Debian and Ubuntu repositories.</p>
<p>Since I have ssh access on the machine that needs to run the server, I
simply login and then run <code>x11vnc</code>. Here's what <code>~/.x11vncrc</code> contains:</p>
<pre><code>noxdamage
</code></pre>
<p>That option
<a href="http://www.karlrunge.com/x11vnc/faq.html#faq-beryl">appears to be necessary</a>
when the desktop to share is running gnome-shell / compiz.</p>
<p>Afterwards, I start the client on my laptop with the following command:</p>
<pre><code>ssvncviewer -encodings zrle -scale 1280x775 localhost
</code></pre>
<p>The scaling factor is simply the resolution of the client minus any window
decorations.</p>
<h1 id="ssh_configuration">ssh configuration</h1>
<p>As you can see above, the client is not connecting directly to the
server. Instead it's connecting to its own vnc port
(<code>localhost:5900</code>). That's because I'm tunelling the traffic through the ssh
connection in order to avoid relying on vnc extensions for authentication
and encryption.</p>
<p>Here's what the client's <code>~/.ssh/config</code> needs for that simple use case:</p>
<pre><code>Host server.example.com:
LocalForward localhost:5900 127.0.0.1:5900
</code></pre>
<p>If the remote host (which has an internal IP address of <code>192.168.1.2</code> in
this example) is not connected directly to the outside world and instead
goes through a gateway, then your <code>~/.ssh/config</code> will look like this:</p>
<pre><code>Host gateway.example.com:
ForwardAgent yes
LocalForward localhost:5900 192.168.1.2:5900
Host server.example.com:
ProxyJump gateway.example.com
</code></pre>
<p>and the remote host will need to open up a port on its firewall for the
gateway (internal IP address of <code>192.168.1.1</code> here):</p>
<pre><code>iptables -A INPUT -p tcp --dport 5900 -s 192.168.1.1/32 -j ACCEPT
</code></pre>
<h1 id="Optimizing_for_high-latency_networks">Optimizing for high-latency networks</h1>
<p>Since I do most of my tech support over a <a href="https://en.wikipedia.org/wiki/Southern_Cross_Cable">very high latency network</a>, I
tweaked the default vnc settings to reduce the amount of network traffic.</p>
<p>I added this to <code>~/.x11vncrc</code> on the vnc server:</p>
<pre><code>ncache 10
ncache_cr
</code></pre>
<p>and changed the client command line to this:</p>
<pre><code>ssvncviewer -compresslevel 9 -quality 3 -bgr233 -encodings zrle -use64 -scale 1280x775 -ycrop 1024 localhost
</code></pre>
<p>This decreases image quality (and required bandwidth) and enables
<a href="http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching">client-side caching</a>.</p>
<p>The magic <code>1024</code> number is simply the full vertical resolution of the remote
machine, which sports a vintage 1280x1024 LCD monitor.</p>