-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathvncmanager.conf
97 lines (82 loc) · 3.13 KB
/
vncmanager.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# List of addresses to bind to.
# Default: No addresses specified = bind to all.
#
# listen = 0.0.0.0
# listen = ::
# Port ot listen on.
# Default: 5900
#
# port = 5900
# VNC security types.
# Comma separated list of allowed types. Order determines priority - VNC clients normally choose the first type they support.
# Available types:
# None: No encryption is used. Screen content, keyboard input, etc. can be seen by a passive wiretapper.
# TLS: Anonymous TLS is used. Communication is encrypted, but the clients have no way to verify identity of the server. Protected against passive wiretapper, but active one could do a man-in-the-middle attack.
# X509: TLS with certificate is used. Communication is encrypted. Level of security depends on the type of certificate:
# * Signed by a certificate authority: Protects against both passive and active wiretapper.
# * Self-signed: Client has to verify certificate on first connection. Vulnerable against active wiretapper on first connection, secure against both active and passive on subsequent connections.
#
# Default: TLS,X509,None
#
# security = TLS,X509,None # Opportunistic encryption, most compatible
# security = TLS,X509 # Force encryption
# security = X509 # Force encryption with certificate
# Path to TLS certificate
# Default: /etc/vnc/tls.cert
#
# tls-cert = /etc/vnc/tls.cert
# Path to TLS key
# Default: /etc/vnc/tls.key
#
# tls-key = /etc/vnc/tls.key
# GNUTLS priority configuration for anonymous TLS.
# See GNUTLS manual section "Priority strings" and output of `gnutls-cli -l` command.
# Default: NORMAL:+ANON-ECDH:+ANON-DH
#
# tls-priority-anonymous = NORMAL:+ANON-ECDH:+ANON-DH
# GNUTLS priority configuration for TLS with certificate.
# See GNUTLS manual section "Priority strings" and output of `gnutls-cli -l` command.
# Default: NORMAL
#
# tls-priority-certificate = NORMAL
# Disable vnc manager functionality.
# Uncomment this to disable session managing - every VNC connection will get its own new session which can not be shared.
# Default: no
#
# disable-manager = no
# Force vnc manager greeter to appear every time.
# Normally the greeter appears only when there are sessions available for reconnection.
# Default: no
#
# always-show-greeter = no
# Address of XDMCP server (a display manager).
# When starting new sessions, Xvnc will be given -query parameter telling it to contact XDMCP server on this address.
# Default: localhost
#
# query = localhost
# The value of geometry parameter given to Xvnc. Sets the initial resolution.
# Default: 1024x768
#
# geometry = 1024x768
# Path to Xvnc executable
# Default: /usr/bin/Xvnc
#
# xvnc = /usr/bin/Xvnc
# Path to greeter executable
# Default: /usr/bin/vncmanager-greeter
#
# greeter = /usr/bin/vncmanager-greeter
# Path to xauth executable
# Default: /usr/bin/xauth
#
# xauth = /usr/bin/xauth
# Path to run directory.
# VNC manager creates sockets for communication with other programs and xauthority files in this directory .
# Default: /run/vncmanager
#
# rundir = /run/vncmanager
# Additional arguments that will be passed to Xvnc.
# Take care to not overwrite arguments set by vncmanager.
#
# Default:
# xvnc-args =