Xvnc − the X VNC server
Xvnc [options] :display#
Xvnc is the X VNC (Virtual Network Computing) server. It is based on a standard X server, but it has a "virtual" screen rather than a physical one. X applications display themselves on it as if it were a normal X display, but they can only be accessed via a VNC viewer - see vncviewer(1).
So Xvnc is really two servers in one. To the applications it is an X server, and to the remote VNC users it is a VNC server. By convention we have arranged that the VNC server display number will be the same as the X server display number, which means you can use eg. snoopy:2 to refer to display 2 on machine "snoopy" in both the X world and the VNC world.
The best way of starting Xvnc is via the vncserver script. This sets up the environment appropriately and runs some X applications to get you going. See the manual page for vncserver(1) for more information.
takes lots of options - running Xvnc -help gives a
list. Many of these are standard X server options, which are
described in the Xserver(1) manual page. In addition
to options which can only be set via the command-line, there
are also "parameters" which can be set both via
the command-line and through the vncconfig(1)
Specify the size of the desktop to be created. Default is 1024x768.
Specify the pixel depth in bits of the desktop to be created. Default is 24, other possible values are 8, 15, and 16 - anything else is likely to cause strange behaviour by applications.
Specify pixel format for server to use (BGRnnn or RGBnnn). The default for depth 8 is BGR233 (meaning the most significant two bits represent blue, the next three green, and the least significant three represent red), the default for depth 16 is RGB565 and for depth 24 is RGB888.
−interface IP address or −i IP address
Listen on interface. By default Xvnc listens on all available interfaces.
This significantly changes Xvnc’s behaviour so that it can be launched from inetd. See the section below on usage with inetd.
List all the options and parameters
VNC parameters can be set both via the command-line and through the vncconfig(1) program, and with a VNC-enabled Xorg server via Options entries in the xorg.conf file.
be turned on with -param or off with -param=0.
Parameters which take a value can be specified as -param
value. Other valid forms are
--param=value. Parameter names are
Each desktop has a name which may be displayed by the viewer. It defaults to "x11".
Specifies the TCP port on which Xvnc listens for connections from viewers (the protocol used in VNC is called RFB - "remote framebuffer"). The default is 5900 plus the display number.
−rfbwait time, −ClientWaitTimeMillis time
Time in milliseconds to wait for a viewer which is blocking Xvnc. This is necessary because Xvnc is single-threaded and sometimes blocks until the viewer has finished sending or receiving a message - note that this does not mean an update will be aborted after this time. Default is 20000 (20 seconds).
Run a mini-HTTP server which serves files from the given directory. Normally the directory will contain the classes for the Java viewer. In addition, files with a .vnc extension will have certain substitutions made so that a single installation of the Java VNC viewer can be served by separate instances of Xvnc.
Specifies the port on which the mini-HTTP server runs. Default is 5800 plus the display number.
−rfbauth passwd-file, −PasswordFile passwd-file
Specifies the file containing the password used to authenticate viewers. The file is accessed each time a connection comes in, so it can be changed on the fly via vncpasswd(1).
Xvnc uses a "deferred update" mechanism which enhances performance in many cases. After any change to the framebuffer, Xvnc waits for this number of milliseconds (default 1) before sending an update to any waiting clients. This means that more changes tend to get coalesced together in a single update. Setting it to 0 results in the same behaviour as earlier versions of Xvnc, where the first change to the framebuffer causes an immediate update to any waiting clients.
Keep delaying sending the screen update to the client(s) each time the screen is updated. Otherwise the delay is from the first update. Default is off.
Send clipboard changes to clients (default is on). Note that you must also run vncconfig(1) to get the clipboard to work.
Accept clipboard updates from clients (default is on). Note that you must also run vncconfig(1) to get the clipboard to work.
The maximum size of a clipboard update that will be accepted from a client. Default is 262144.
Accept pointer press and release events from clients (default is on).
Accept key press and release events from clients (default is on).
Disconnect existing clients if an incoming connection is non-shared (default is on). If DisconnectClients is false, then a new non-shared connection will be refused while there is a client active. When combined with NeverShared this means only one client is allowed at a time.
Never treat incoming connections as shared, regardless of the client-specified setting (default is off).
Always treat incoming connections as shared, regardless of the client-specified setting (default is off).
Always use protocol version 3.3 for backwards compatibility with badly-behaved clients (default is off).
Perform pixel comparison on framebuffer to reduce unnecessary updates (default is on).
Zlib compression level for ZRLE encoding (it does not affect Tight encoding). Acceptable values are between 0 and 9. Default is to use the standard compression level provided by the zlib(3) compression library.
Use improved compression algorithm for Hextile encoding which achieves better compression ratios by the cost of using slightly more CPU time. Default is on.
Specify which security scheme to use for incoming connections. Valid values are a comma separated list of None, VncAuth, Plain, TLSNone, TLSVnc, TLSPlain, X509None, X509Vnc and X509Plain. Default is VncAuth,TLSVnc.
Obfuscated binary encoding of the password which clients must supply to access the server. Using this parameter is insecure, use PasswordFile parameter instead.
A comma separated list of user names that are allowed to authenticate via any of the "Plain" security types (Plain, TLSPlain, etc.). Specify * to allow any user to authenticate using this security type. Default is to deny all users.
−pam_service name, −PAMService name
PAM service name to use when authentication users using any of the "Plain" security types. Default is vnc.
Path to a X509 certificate in PEM format to be used for all X509 based security types (X509None, X509Vnc, etc.).
Private key counter part to the certificate given in X509Cert. Must also be in PEM format.
The number of unauthenticated connection attempts allowed from any individual host before that host is black-listed. Default is 5.
The initial timeout applied when a host is first black-listed. The host cannot re-attempt a connection until the timeout expires. Default is 10.
The number of seconds after which an idle VNC connection will be dropped (default is 0, which means that idle connections will never be dropped).
Terminate when no client has been connected for N seconds. Default is 0.
Terminate when a client has been connected for N seconds. Default is 0.
Terminate after N seconds of user inactivity. Default is 0.
Prompts the user of the desktop to explicitly accept or reject incoming connections. This is most useful when using the vnc.so module or x0vncserver(1) program to access an existing X desktop via VNC.
The vncconfig(1) program must be running on the desktop in order for QueryConnect to be supported by the vnc.so(1) module or Xvnc(1) program. The x0vncserver(1) program does not require vncconfig(1) to be running.
Number of seconds to show the Accept Connection dialog before rejecting the connection. Default is 10.
Only allow connections from the same machine. Useful if you use SSH and want to stop non-SSH connections from any other hosts.
Configures the debug log settings. dest can currently be stderr or stdout, and level is between 0 and 100, 100 meaning most verbose output. logname is usually * meaning all, but you can target a specific source file if you know the name of its "LogWriter". Default is *:stderr:30.
Sets up a keyboard mapping. mapping is a comma-separated string of character mappings, each of the form char->char, or char<>char, where char is a hexadecimal keysym. For example, to exchange the " and @ symbols you would specify the following:
Key affected by NumLock often require a fake Shift to be inserted in order for the correct symbol to be generated. Turning on this option avoids these extra fake Shift events but may result in a slightly different symbol (e.g. a Return instead of a keypad Enter).
By configuring the inetd(1) service appropriately, Xvnc can be launched on demand when a connection comes in, rather than having to be started manually. When given the -inetd option, instead of listening for TCP connections on a given port it uses its standard input and standard output. There are two modes controlled by the wait/nowait entry in the inetd.conf file.
In the nowait mode, Xvnc uses its standard input and output directly as the connection to a viewer. It never has a listening socket, so cannot accept further connections from viewers (it can however connect out to listening viewers by use of the vncconfig program). Further viewer connections to the same TCP port result in inetd spawning off a new Xvnc to deal with each connection. When the connection to the viewer dies, the Xvnc and any associated X clients die. This behaviour is most useful when combined with the XDMCP options -query and -once. An typical example in inetd.conf might be (all on one line):
5950 stream tcp nowait nobody /usr/local/bin/Xvnc Xvnc -inetd -query localhost -once securitytypes=none
In this example a viewer connection to :50 will result in a new Xvnc for that connection which should display the standard XDM login screen on that machine. Because the user needs to login via XDM, it is usually OK to accept connections without a VNC password in this case.
In the wait mode, when the first connection comes in, inetd gives the listening socket to Xvnc. This means that for a given TCP port, there is only ever one Xvnc at a time. Further viewer connections to the same port are accepted by the same Xvnc in the normal way. Even when the original connection is broken, the Xvnc will continue to run. If this is used with the XDMCP options -query and -once, the Xvnc and associated X clients will die when the user logs out of the X session in the normal way. It is important to use a VNC password in this case. A typical entry in inetd.conf might be:
5951 stream tcp wait james /usr/local/bin/Xvnc Xvnc -inetd -query localhost -once passwordFile=/home/james/.vnc/passwd
In fact typically, you would have one entry for each user who uses VNC regularly, each of whom has their own dedicated TCP port which they use. In this example, when user "james" connects to :51, he enters his VNC password, then gets the XDM login screen where he logs in in the normal way. However, unlike the previous example, if he disconnects, the session remains persistent, and when he reconnects he will get the same session back again. When he logs out of the X session, the Xvnc will die, but of course a new one will be created automatically the next time he connects.
Tristan Richardson, RealVNC Ltd. and others.
VNC was originally developed by the RealVNC team while at Olivetti Research Ltd / AT&T Laboratories Cambridge. TightVNC additions were implemented by Constantin Kaplinsky. Many other people have since participated in development, testing and support. This manual is part of the TigerVNC software suite.
Personal Opportunity - Free software gives you access to billions of dollars of software at no cost. Use this software for your business, personal use or to develop a profitable skill. Access to source code provides access to a level of capabilities/information that companies protect though copyrights. Open source is a core component of the Internet and it is available to you. Leverage the billions of dollars in resources and capabilities to build a career, establish a business or change the world. The potential is endless for those who understand the opportunity.
Business Opportunity - Goldman Sachs, IBM and countless large corporations are leveraging open source to reduce costs, develop products and increase their bottom lines. Learn what these companies know about open source and how open source can give you the advantage.
Free Software provides computer programs and capabilities at no cost but more importantly, it provides the freedom to run, edit, contribute to, and share the software. The importance of free software is a matter of access, not price. Software at no cost is a benefit but ownership rights to the software and source code is far more significant.
Free Office Software - The Libre Office suite provides top desktop productivity tools for free. This includes, a word processor, spreadsheet, presentation engine, drawing and flowcharting, database and math applications. Libre Office is available for Linux or Windows.
The Free Books Library is a collection of thousands of the most popular public domain books in an online readable format. The collection includes great classical literature and more recent works where the U.S. copyright has expired. These books are yours to read and use without restrictions.
Source Code - Want to change a program or know how it works? Open Source provides the source code for its programs so that anyone can use, modify or learn how to write those programs themselves. Visit the GNU source code repositories to download the source.
Study at Harvard, Stanford or MIT - Open edX provides free online courses from Harvard, MIT, Columbia, UC Berkeley and other top Universities. Hundreds of courses for almost all major subjects and course levels. Open edx also offers some paid courses and selected certifications.
Linux Manual Pages - A man or manual page is a form of software documentation found on Linux/Unix operating systems. Topics covered include computer programs (including library and system calls), formal standards and conventions, and even abstract concepts.