VNC access generally allows access to your whole computer, so security is
very important. VNC uses a random challenge
response system to provide the basic
that allows you to connect to a VNC server. This is reasonably secure and the
password is not sent over the network.
However, once connected, all subsequent VNC traffic is unencrypted. So a malicious user could
snoop your VNC session. Also there are VNC s
canning programs available, which will scan a
s which are listening on one of the ports which VNC uses.
Tunneling VNC over a SSH connection ensures all traffic is strongly encrypted. Also no VNC port
is ever open to the internet
, so anyone scanning for open VNC ports will not be able to find your
computers. When tunneling VNC over a SSH connection, the only port which you're opening on
So sometimes it may be prudent to tunnel VNC through SS
are both on the same local network.
To set up the secure SSH tunnel for a
HTTP browser connection from the client
However when configuring the port redirection, spec
ify port 80 (rather than port 3389 as
was used for RDP) e.g. if using PuTTY:
Comments to this Manuals