Skip to content

ekohl/vncauthproxy

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

114 Commits

twisted/plugins

twisted/plugins

 
 

vncap

vncap

 
 

.gitignore

.gitignore

 
 

COPYING

COPYING

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

README

README

 
 

setup.py

setup.py

 
 

Repository files navigation

===============================================
Twisted VNC Authentication Proxy (TVAP) (VNCAP)
===============================================

This is woefully incomplete.

If you are using Fx4 or earlier, you need to use a WebSocket Flash emulator
and thus you will need to serve a Flash policy. A simple policy server is
shipped in this package, try:

 $ sudo twistd -n flashpolicy

To start the server, try:

 $ twistd -n vncap

By default, the daemon runs on TCP port 8888, bound only to localhost. Here
are some examples for customizing the control port.

Running on TCP port 8000, bound to localhost:

 $ twistd -n vncap -c tcp:8000:interface=localhost

Running on a local UNIX socket:

 $ twistd -n vncap -c unix:/tmp/vncap.sock

Requirements:

 * Twisted 10.2 or newer
 * txWS 0.6 or newer

If your distribution insists on splitting Twisted into multiple packages, you
will also need the Twisted Web package, usually called python-twisted-web.

Controlling the Proxy
=====================

To command the proxy to open ports, a JSON snippet should be sent to the
control port. The snippet should be a JSON dictionary, with the following
required keys:

 * ``daddr``: The destination hostname for the VNC backend
 * ``dport``: The destination port for the VNC backend
 * ``password``: A password for the VNC frontend conection

The following keys are optional:

 * ``sport``: The preferred source port for the VNC frontend
 * ``ws``: Whether the frontend should be wrapped for WebSockets
 * ``tls``: Whether the frontend should be wrapped with TLS for SSL/WSS

If the requsted ``sport`` is not available, one will be automatically
assigned.

TLS
===

If TLS is requested, the proxy will look for SSL key and certificate
information from hardcoded locations. The locations for the SSL files are:

 * ``keys/vncap.key``: SSL key
 * ``keys/vncap.crt``: SSL certificate

To generate simple keys, an example series of OpenSSL invocations might be::

 $ openssl genrsa -out keys/vncap.key 1024
 $ openssl req -new -key keys/vncap.key -out keys/vncap.csr
 $ openssl x509 -req -in keys/vncap.csr -signkey keys/vncap.key -out
   keys/vncap.crt

About

No description, website, or topics provided.

Resources

Readme

License

GPL-2.0, Unknown licenses found

Licenses found

GPL-2.0
LICENSE
Unknown
COPYING
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%