Active Topics
-
Maemo 6.1 (6)
to Maemo 7 / Leste by Arno_11 - 8 hrs, 43 mins ago -
Modem registered but Calls, sms not working (20)
to Maemo 7 / Leste by teroyk - 11 hrs, 1 min ago -
[Announce] N900 maemo flasher as debian live image (20)
to Nokia N900 by Macros - 3 days, 11 hrs ago -
Settings -app crash, when pressing "Text Input" (11)
to Maemo 7 / Leste by Arno_11 - 4 days, 3 hrs ago -
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (2)
to SailfishOS by edp17 - 6 days, 7 hrs ago - more...
drk529 |
2007-12-04
, 02:47
|
|
Posts: 11 |
Thanked: 0 times |
Joined on Nov 2007
|
#1
|
does the x11vnc port on the n800 support all the parameters as the x11vnc used on an x86 machine? More specifically, could i use
in xterm to password protect it with password ittforum?
Code:
|
|
2007-12-04
, 04:37
|
|
Posts: 1 |
Thanked: 0 times |
Joined on Dec 2007
|
#2
|
Yes, it does work. Remember tho, it's plain pass
 |
|
2007-12-04
, 10:32
|
|
Posts: 739 |
Thanked: 159 times |
Joined on Sep 2007
@ Germany - Munich
|
#3
|
On Linux I use
x11vnc -usepw
So that the password doesn't show up when you do a "ps"
I don't know if it's available on the IT version because I'm not using x11vnc but it's worth checking.
x11vnc -usepw
So that the password doesn't show up when you do a "ps"
I don't know if it's available on the IT version because I'm not using x11vnc but it's worth checking.
|
|
2007-12-04
, 13:07
|
|
Posts: 122 |
Thanked: 12 times |
Joined on Feb 2007
@ Helsinki, Finland
|
#4
|
The author of x11vnc maemo port tells that passwords are not working:
http://mike.saunby.googlepages.com/x11vncfornokia7702
However, I have a 770 so I have no knowledge if they are now working with the latest OS2008 release. But at least switch "-localhost" is there, so you can set x11vnc allow connections only from localhost. Then you can connect your VNC viewer to the tablet over SSH tunnel.
IMPORTANT
This initial release for the Nokia Internet Tablets provides no security whatsoever! Password files and other means of protection are implemented in x11vnc, it's just that I've not provided a means of using them.
However, I have a 770 so I have no knowledge if they are now working with the latest OS2008 release. But at least switch "-localhost" is there, so you can set x11vnc allow connections only from localhost. Then you can connect your VNC viewer to the tablet over SSH tunnel.
|
|
2007-12-04
, 23:21
|
|
Posts: 11 |
Thanked: 0 times |
Joined on Nov 2007
|
#5
|
Originally Posted by free
i also use -usepw on linux, but i thought that was more for convenience than security. Then again, i don't know what a "ps" is (i'm a linux noob).
On Linux I use
x11vnc -usepw
So that the password doesn't show up when you do a "ps"
I don't know if it's available on the IT version because I'm not using x11vnc but it's worth checking.
|
|
2007-12-04
, 23:26
|
|
Posts: 739 |
Thanked: 159 times |
Joined on Sep 2007
@ Germany - Munich
|
#6
|
ps is used to give the list of process.
so using
x11vnc -password s3cr3t will probably show it if you list processes; but not if using x11vnc -usepw
Also using x11vnc -usepw sets the .vnc/password to a hash (haven't checked probably md5) so your password is not even written anywhere in clear. (and on top of this, .vnc directory is only readable by the user who created it).
But keep in mind that during authentication, the password is in cleartext on the network and that's why people usually tunnel it through ssh. Should be also possible on the IT, although the encryption layer is CPU consuming. I rely on the encryption of my wireless and have nothing sensitive anyway.
so using
x11vnc -password s3cr3t will probably show it if you list processes; but not if using x11vnc -usepw
Also using x11vnc -usepw sets the .vnc/password to a hash (haven't checked probably md5) so your password is not even written anywhere in clear. (and on top of this, .vnc directory is only readable by the user who created it).
But keep in mind that during authentication, the password is in cleartext on the network and that's why people usually tunnel it through ssh. Should be also possible on the IT, although the encryption layer is CPU consuming. I rely on the encryption of my wireless and have nothing sensitive anyway.
 |
|
2007-12-05
, 00:11
|
|
Posts: 4,930 |
Thanked: 2,272 times |
Joined on Oct 2007
|
#7
|
Agreed with free: Do NOT use VNC over unencrypted wireless.
If you've got wireless encryption, trusting that is a reasonable decision.
If not, you should consider tunneling over ssh mandatory.
To do it:
If you want to do this often, you may make a script on your system to combine steps 2 and 3:
By running sleep 10 on the N800, the connection is held open for ten seconds, waiting for the VNC connection to start. As soon as the 10 seconds has elapsed, and there is no connection, ssh exits.
If you've got wireless encryption, trusting that is a reasonable decision.
If not, you should consider tunneling over ssh mandatory.
To do it:
- Change the line in /usr/bin/x11vnc:
toCode:exec /usr/bin/x11vnc ...
Where ... represents whatever's on that line; all you do is insert "-localhost".Code:exec /usr/bin/x11vnc -localhost ...
Now the N800 will listen only for connections from itself. - Connect with ssh from your other computer. Create a local port forward from some local port (I use 5901) to 127.0.0.1:5900. In OpenSSH, that looks like:
Now a connection to your machine on port 5901 will get caught by ssh, encrypted, and stuffed through to the sshd. On the tablet, sshd will shove the connection out to port 5900, where VNC is listening.Code:ssh -L localhost:5901:127.0.01:5900 user@n800s.fqdn
- Finally, use your VNC client to connect to display 1 (port 5901) on the local machine. With vncviewer, that looks like:
Code:vncviewer 127.0.0.1:5901
If you want to do this often, you may make a script on your system to combine steps 2 and 3:
Code:
@!/bin/sh ssh -f -L localhost:5901:127.0.01:5900 user@n800s.fqdn sleep 10 exec vncviewer 127.0.0.1:5901
| The Following User Says Thank You to Benson For This Useful Post: | ||
 |
|
2008-04-06
, 23:22
|
|
Posts: 100 |
Thanked: 13 times |
Joined on Mar 2008
|
#8
|
I'm trying to get VNC up and running through an SSH tunnel. I want to implement the directions given by Benson, but I can't seem to find x11vnc in the directory. I used sudo gainroot to become root, and there looked in usr/bin. But I didn't find x11vnc. I installed it, it's listed in my app manager, and I can run it from xterm. So it must be on the tablet somewhere.
Is there somewhere else it might be? Is there a way to determine it's location?
Is there somewhere else it might be? Is there a way to determine it's location?
 |
|
2008-04-07
, 01:18
|
|
Posts: 3,096 |
Thanked: 1,525 times |
Joined on Jan 2006
@ Michigan, USA
|
#9
|
Originally Posted by cmdowns
which x11vnc
I'm trying to get VNC up and running through an SSH tunnel. I want to implement the directions given by Benson, but I can't seem to find x11vnc in the directory. I used sudo gainroot to become root, and there looked in usr/bin. But I didn't find x11vnc. I installed it, it's listed in my app manager, and I can run it from xterm. So it must be on the tablet somewhere.
Is there somewhere else it might be? Is there a way to determine it's location?
try usr/local
ls -l /usr/local/bin/x11vnc
__________________
To all my Maemo friends. I will no longer be monitoring any of my threads here on a regular basis. I am no longer supporting anything I did under maemo at maemo.org. If you need some help with something you can reach me at tablethacker.com or www.facebook.com/penguinbait. I have disabled my PM's here, and removed myself from Council email and Community mailing list. There has been some fun times, see you around.
To all my Maemo friends. I will no longer be monitoring any of my threads here on a regular basis. I am no longer supporting anything I did under maemo at maemo.org. If you need some help with something you can reach me at tablethacker.com or www.facebook.com/penguinbait. I have disabled my PM's here, and removed myself from Council email and Community mailing list. There has been some fun times, see you around.
|
|
2008-04-07
, 03:13
|
|
Posts: 100 |
Thanked: 13 times |
Joined on Mar 2008
|
#10
|
For some reason I can't list the /usr/local dir. xterm also won't let me cd into /usr/local. am I doing something wrong?