Saturday, July 28, 2007

Compressing VNC Connections over SSH (vncviewer -via)

You might remember a recent tutorial I did on securing VNC via SSH with the -via
option of vncviewer. Today I started looking into it more with one of
my students and we wanted to make the -via option use compression. By
default it just creates a basic tunnel with SSH and doesn’t let you get
much more specific. We figured out how to make it follow more specific
instructions!


update: the environment variable is valid in vncviewer version 4.1.2, but apparently not in Feisty’s current version, 3.3.7. Solution 1 applies to Ubuntu, Solution 2 does not apply to Ubuntu (successful on RHEL5 and most likely recent Fedora series)


Solution 1:


vncviewer will look to client-side configuration files for its
settings. You can create a ~/.ssh/config file for any of your ssh
connections and, which might look like this:


Host alias


HostName hostname


Compression yes


User username


…you get the idea. This will connect to the HostName value when you
“ssh alias”, using Compression and the User specified. You can use any
valid ssh value in this config (see man ssh). Using client-side
configuration like this can cut a long ssh configuration down to a much
shorter one. ie;


The vncviewer will look for this file when used in combination with the -via switch and use compression if set to on, as above. Test it with and without the Compression value and see if you find a difference in performance.


Solution 2:


vncviewer uses an environment variable to start an ssh connection. By default it looks like:


VNC_VIA_CMD=/usr/bin/ssh -f -L “$L”:”$H”:”$R” “$G” sleep 20


You can find this using one of the following:


env | grep VNC_VIA_CMD


or


strings /usr/bin/vncviewer | grep ssh


The second method of altering it’s connection settings are to update
this environment value and tell it to use Compression. This would be
done using the following:


export VNC_VIA_CMD=’/usr/bin/ssh -C -f -L “$L”:”$H”:”$R” “$G” sleep 20′


(that uses single quotes around the entire value and double quotes on the embedded values. This is important.)


So, if you do a lot of work with VNC I hope you’re using the -via
option for SSH tunneling. Now you can also compress your connection
for better performance on slower networks. What are your results
here? Do you notice much of a difference? I have only tested this on
a LAN so the speeds are fast in the first place. Anyone want to share
their results out over the public interweb?



Powered by ScribeFire.

No comments: