Difference between revisions of "TightVNC"

From WPKG | Open Source Software Deployment and Distribution
Jump to: navigation, search
m (Package file: cleaned up the indentation)
(explanation of VNC and tidyup)
Line 1: Line 1:
Silent install for TightVNC.  
+
TightVNC is one example of a VNC Server and Client, a standard means of remote access.
=Version 2.0.2=
+
 
TightVNC v2.x is a complete rewrite. It doesn't need the Mirage driver. The Reg settings are in a different location. The command line switches are different too.
+
Running [http://en.wikipedia.org/wiki/Virtual_Network_Computing VNC] server software on Windows allows you to connect to the Windows graphical environment using VNC client software on a remote computer. There are various VNC client and server softwares, such as TightVNC and UltraVNC. There are VNC clients for probably every operating system, so you don't need to be running Windows to connect to and use Windows. VNC uses the [http://en.wikipedia.org/wiki/RFB_protocol RFB protocol], a defined standard method for remote access, so generally speaking any VNC client will connect to any VNC server, however occasionally some VNC implementations have added non-standard features that other clients may not support, examples of this are UltraVNC's remote login and file transfer features.
 +
 
 +
VNC clients connect into the session currently running on Windows, so the remote user and the person who might be sat at the computer see the same thing; the client doesn't get a separate login prompt, if someone is already logged into the computer then you see that, otherwise you get to login.
 +
 
 +
For remote administration or remote staff working, for security reasons you are strongly advised not to enable remote access to desktop computers directly over the Internet, instead you should have a firewall in place (for example [http://www.pfsense.com/ pfSense]), running a VPN server, which clients are required to securely VPN into before they have unfettered access to connect to VNC on desktop computers running Windows (or other operating systems).
 +
 
 +
=Version 2.0.x=
 +
TightVNC version 2 is a complete rewrite over version 1; it doesn't need the Mirage driver; the registry settings are in a different location; the command-line switches are different.
  
 
==Preconfiguration Steps==
 
==Preconfiguration Steps==
* download the new software and place it in your wpkg software folder.
+
* download the new software and place it in your WPKG software folder.
 
* on a PC install TightVNC and configure it with your password settings, etc.
 
* on a PC install TightVNC and configure it with your password settings, etc.
 
* using regedit export HKEY_LOCAL_MACHINE\SOFTWARE\TightVNC\Server and save it as settings.reg in your wpkg software folder. '''WARNING: as others can read this file it is possible that they could decrypt the VNC passwords!'''
 
* using regedit export HKEY_LOCAL_MACHINE\SOFTWARE\TightVNC\Server and save it as settings.reg in your wpkg software folder. '''WARNING: as others can read this file it is possible that they could decrypt the VNC passwords!'''
  
==Package file==
+
==WPKG Package==
 
<source lang="xml">
 
<source lang="xml">
  
Line 45: Line 52:
 
</source>
 
</source>
  
=Version 1.3.0=
+
=Version 1.3.x=
 
See also silent installation for [[DFMirage hook display driver]].
 
See also silent installation for [[DFMirage hook display driver]].
 
I prefer TightVNC over UltraVNC, essentially because they have viewers also for other operating systems and I'm not stuck on browser/java viewer under my preferred OS.
 
  
 
I install and manage TightVNC with the following XML package description:
 
I install and manage TightVNC with the following XML package description:
Line 77: Line 82:
 
</source>
 
</source>
  
tightvnc.bat is a simple batch script that setup TightVNC server and restart it:
+
tightvnc.bat is a simple batch script to setup TightVNC server and restart it:
  
 
<source lang="dos">
 
<source lang="dos">
Line 94: Line 99:
 
</source>
 
</source>
  
tightvnc.reg contains the setup of the server, most notably the access password, i.e. I can use as a registry patch:
+
tightvnc.reg contains the VNC server setup, most notably the access password:
  
 
<source lang="reg">
 
<source lang="reg">
Line 143: Line 148:
 
</source>
 
</source>
  
'''NOTE''' that passwords are crypted, but this is no a paranoid setup, someone can easily have access to the registry patch and try to decrypt the password.
+
'''NOTE''' that passwords are encrypted, but this is not considered secure as someone can easily have access to the registry patch and decrypt the password.
  
 
[[Category:Silent Installers]]
 
[[Category:Silent Installers]]

Revision as of 12:33, 13 July 2010

TightVNC is one example of a VNC Server and Client, a standard means of remote access.

Running VNC server software on Windows allows you to connect to the Windows graphical environment using VNC client software on a remote computer. There are various VNC client and server softwares, such as TightVNC and UltraVNC. There are VNC clients for probably every operating system, so you don't need to be running Windows to connect to and use Windows. VNC uses the RFB protocol, a defined standard method for remote access, so generally speaking any VNC client will connect to any VNC server, however occasionally some VNC implementations have added non-standard features that other clients may not support, examples of this are UltraVNC's remote login and file transfer features.

VNC clients connect into the session currently running on Windows, so the remote user and the person who might be sat at the computer see the same thing; the client doesn't get a separate login prompt, if someone is already logged into the computer then you see that, otherwise you get to login.

For remote administration or remote staff working, for security reasons you are strongly advised not to enable remote access to desktop computers directly over the Internet, instead you should have a firewall in place (for example pfSense), running a VPN server, which clients are required to securely VPN into before they have unfettered access to connect to VNC on desktop computers running Windows (or other operating systems).

Version 2.0.x

TightVNC version 2 is a complete rewrite over version 1; it doesn't need the Mirage driver; the registry settings are in a different location; the command-line switches are different.

Preconfiguration Steps

  • download the new software and place it in your WPKG software folder.
  • on a PC install TightVNC and configure it with your password settings, etc.
  • using regedit export HKEY_LOCAL_MACHINE\SOFTWARE\TightVNC\Server and save it as settings.reg in your wpkg software folder. WARNING: as others can read this file it is possible that they could decrypt the VNC passwords!

WPKG Package

<package 
	id="tightvnc" 
	name="TightVNC server" 
	revision="202" 
	priority="50" 
	reboot="false">
		
	<check type="uninstall" condition="exists" path="TightVNC 2.0.2" />

	<!-- Uninstall TightVNC 1.x first --> 
	<install cmd='"%ProgramFiles%\TightVNC\unins000.exe" /sp- /silent /norestart' >
		<exit code="any" />
	</install>

	<install cmd='"%SOFTWARE%\Tools\RemoteControl\Tight.VNC.2.0.2\tightvnc-2.0.2-setup.exe" /S' />
	<install cmd='"%ProgramFiles%\TightVNC\tvnserver" -install -silent' >
		<exit code="1" />
		<exit code="0" />			
	</install>
	<install cmd='"%ProgramFiles%\TightVNC\tvnserver" -stop -silent' />
	<install cmd='regedit /s "%SOFTWARE%\Tools\RemoteControl\Tight.VNC.2.0.2\settings.reg"' />
	<install cmd='"%ProgramFiles%\TightVNC\tvnserver" -start -silent' />

	<upgrade cmd='"%SOFTWARE%\Tools\RemoteControl\Tight.VNC.2.0.2\tightvnc-2.0.2-setup.exe" /S' />
	<upgrade cmd='"%ProgramFiles%\TightVNC\tvnserver" -reinstall -silent' />
	<upgrade cmd='"%ProgramFiles%\TightVNC\tvnserver" -stop -silent' />
	<upgrade cmd='regedit /s "%SOFTWARE%\Tools\RemoteControl\Tight.VNC.2.0.2\settings.reg"' />
	<upgrade cmd='"%ProgramFiles%\TightVNC\tvnserver" -start -silent' />

	<remove cmd='"%ProgramFiles%\TightVNC\uninstall.exe" /sp- /silent /norestart' />
</package>

Version 1.3.x

See also silent installation for DFMirage hook display driver.

I install and manage TightVNC with the following XML package description: 

<package id="tightvnc" name="TightVNC server" revision="130" priority="50" reboot="false">
 <check type="uninstall" condition="exists" path="TightVNC 1.3.10" />

 <install cmd="%SOFTWARE%\tightvnc\tightvnc-1.3.10-setup.exe /sp- /verysilent" />
 <install cmd="%ProgramFiles%\TightVNC\WinVNC.exe -reinstall" />
 <install cmd="%ProgramFiles%\TightVNC\WinVNC.exe -servicehelper" />
 <install cmd='cmd /c netsh firewall add allowedprogram program = %ProgramFiles%\TightVNC\WinVNC.exe name = "Launch TightVNC Server"' />

 <upgrade cmd='%SOFTWARE%\tightvnc\tightvnc-1.3.10-setup.exe /sp- /verysilent' ><exit code="0" reboot="true" /></upgrade>
 <upgrade cmd="%ProgramFiles%\TightVNC\WinVNC.exe -reinstall" />
 <upgrade cmd="%ProgramFiles%\TightVNC\WinVNC.exe -servicehelper" />
 <upgrade cmd='cmd /c netsh firewall add allowedprogram program = %ProgramFiles%\TightVNC\WinVNC.exe name = "Launch TightVNC Server"' />

 <remove cmd='"%ProgramFiles%\TightVNC\WinVNC.exe" -remove' />
 <remove cmd='"%ProgramFiles%\TightVNC\unins000.exe" /silent' />
</package>
 
<package id="tightvnc-settings" name="TightVNC server settings" revision="3" priority="5" reboot="false" execute="once">
 <depends package-id="tightvnc"/>
 <install cmd='cmd /c "%SOFTWARE%\tightvnc\tightvnc.bat"' />
 <upgrade cmd='cmd /c "%SOFTWARE%\tightvnc\tightvnc.bat"' />
 <remove cmd='echo "nothing"' />
</package>

tightvnc.bat is a simple batch script to setup TightVNC server and restart it: 

:: start, restart or apply settings to tightvnc
::
net stop "VNC Server"
regedit /s %SOFTWARE%\tightvnc\tightvnc.reg
net start "VNC Server"

:: For some unknown reason the servicehelper does not restart.
::
%ProgramFiles%\TightVNC\WinVNC.exe -servicehelper
:: we ignore errors...
::
exit 0

tightvnc.reg contains the VNC server setup, most notably the access password: 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\ORL]

[HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3]
"MSLogonRequired"=dword:00000001
"NewMSLogon"=dword:00000001
"ACL"=hex:02,00,08,00,00,00,00,00
"ConnectPriority"=dword:00000002
"LoopbackOnly"=dword:00000000
"EnableHTTPDaemon"=dword:00000001
"EnableURLParams"=dword:00000000
"AllowLoopback"=dword:00000000
"AuthRequired"=dword:00000001
"DebugMode"=dword:00000000
"DebugLevel"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3\Default]
"SocketConnect"=dword:00000001
"AutoPortSelect"=dword:00000001
"InputsEnabled"=dword:00000001
"LocalInputsDisabled"=dword:00000000
"IdleTimeout"=dword:00000000
"LocalInputsPriorityTime"=dword:00000003
"QuerySetting"=dword:00000002
"QueryTimeout"=dword:0000001e
"QueryAccept"=dword:00000000
"QueryAllowNoPass"=dword:00000000
"LockSetting"=dword:00000000
"RemoveWallpaper"=dword:00000001
"BlankScreen"=dword:00000000
"EnableFileTransfers"=dword:00000001
"PollUnderCursor"=dword:00000000
"PollForeground"=dword:00000001
"PollFullScreen"=dword:00000000
"OnlyPollConsole"=dword:00000001
"OnlyPollOnEvent"=dword:00000000
"PollingCycle"=dword:0000012c
"DontSetHooks"=dword:00000000
"DontUseDriver"=dword:00000000
"DriverDirectAccess"=dword:00000001
"LocalInputsPriority"=dword:00000000
"Password"=hex:e6,ee,26,ee,00,e2,e6,5b
"PasswordViewOnly"=hex:38,9a,aa,ee,ef,63,ef,e5

NOTE that passwords are encrypted, but this is not considered secure as someone can easily have access to the registry patch and decrypt the password.

Retrieved from "https://wpkg.org/index.php?title=TightVNC&oldid=8172"