VNC
How to connect to a remote desktop environment with VNC graphical desktop-sharing system
Install VNC server
pacman -Syu tigervnc
Create a password
vncpasswd
Define user mappings
/etc/tigervnc/vncserver.users
# TigerVNC User assignment
#
# This file assigns users to specific VNC display numbers.
# The syntax is <display>=<username>. E.g.:
#
# :2=andrew
# :3=lisa
:1=user
Each user defined in this file will have a corresponding port on which its session will run.
The number in the file corresponds to a TCP port. By default, :1 is TCP port 5901 (5900+1).
If another parallel server is needed, a second instance can then run on the next highest,
free port, i.e 5902 (5900+2).
Issuing x509 certificates using OpenSSL
openssl req -x509 -newkey rsa:4096 -nodes -keyout /home/wildw1ng/.vnc/x509key.pem -out /home/wildw1ng/.vnc/x509cert.pem -subj '/CN=192.168.0.100' -addext "subjectAltName=IP:192.168.0.100"
~/.vnc/config
session=gnome
geometry=1920x1080
alwaysshared
securitytypes=x509vnc
x509key=/home/wildw1ng/.vnc/x509key.pem
x509cert=/home/wildw1ng/.vnc/x509cert.pem
Client machine
x509cert=/home/wildw1ng/.vnc/x509cert.pem
vncviewer 192.168.0.245 -X509CA /home/wildw1ng/.vnc/x509cert.pem
Accessing vncserver via SSH tunnel
Issuing x509 certificates using OpenSSL
openssl req -x509 -newkey rsa:4096 -nodes -keyout /home/wildw1ng/.vnc/x509key.pem -out /home/wildw1ng/.vnc/x509cert.pem -subj '/CN=localhost' -addext "subjectAltName=IP:127.0.0.1"
Push the key to client machine
rsync -ra --info=progress2 /home/wildw1ng/.vnc/x509cert.pem 192.168.0.101:/home/wildw1ng/.vnc/
Server configuration
~/.vnc/config
session=gnome
geometry=1920x1080
localhost
alwaysshared
securitytypes=x509vnc
x509key=/home/wildw1ng/.vnc/x509key.pem
x509cert=/home/wildw1ng/.vnc/x509cert.pem
Remmina Client Settings
Basic >
Server: localhost:5901
SSH Tunnel > Enable SSH Tunnel
Custom: arch-r5-3600x
Authentification type: Public key (automatic)
Username: wildw1ng