Vino

From ArchWiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Tango-view-refresh-red.pngThis article or section is out of date.Tango-view-refresh-red.png

Reason: Vino is obsolete (does not work in Wayland), and has some security issues, and is not actively maintained (last release was in 2016). The successor is GNOME Remote Desktop, which is tightly integrated with Mutter window manager. (Discuss in Talk:Vino)

Vino is a VNC (Virtual Network Computing) server allowing remote connection to your actual desktop. It is a default component of the GNOME desktop environment.

Installation

Install the vino package.

You need to restart GNOME so that vino-server is started automatically when enabling the remote desktop feature. The remote desktop feature can usually be enabled in Settings > Sharing, however this only seems to be functional when NetworkManager is installed and functional.

Configuration

You can configure vino via gnome-control-center.

Now you can connect remotely to your desktop via a VNC viewer like TightVNC or Remmina. Remember to forward port 5900 if you are behind a NAT device and to allow the connection through iptables.

If you are having problems regarding security and encryption you could try:

$ gsettings set org.gnome.Vino require-encryption false

If you use a standalone window manager like Openbox and it does not work, you can start vino-server manually or add the command to the window manager's autostart script

# /usr/lib/vino/vino-server &

Running on a headless server

Vino can be used to manage a headless server with a graphical desktop via VNC. For this, a graphics driver like xf86-video-dummy must be installed and configured. xpra’s sample xorg.conf for the Xdummy driver can be used as a base. Then, the server can be configured to start X at boot for the user account that should be usable remotely. Vino must be made to autostart with the desktop environment by creating a desktop entry in the user’s home directory such as this one:

~/.config/autostart/vino-server.desktop
[Desktop Entry]
Type=Application
Name=Vino VNC server
Exec=/usr/lib/vino/vino-server
NoDisplay=true

Next, make Vino accept VNC connections without asking for confirmation by running the following command as the graphical desktop user:

$ dbus-launch gsettings set org.gnome.Vino prompt-enabled false

You may wish to revoke suspend and hibernate permissions using Polkit.

For the GNOME desktop environment, the following are some further options you may want for GNOME:

$ dbus-launch gsettings set org.gnome.desktop.lockdown disable-user-switching true
$ dbus-launch gsettings set org.gnome.desktop.lockdown disable-log-out true
$ dbus-launch gsettings set org.gnome.desktop.interface enable-animations false

Remember to configure your firewall to not block the rfb port used for VNC. For secure authentication – which should be used when giving access to privileged users on the open internet –, you should tunnel the VNC protocol through e.g. SSH or stunnel instead of unblocking the rfb port. When using stunnel, you should require a password:

$ dbus-launch gsettings set org.gnome.Vino authentication-methods "['vnc']"
$ dbus-launch gsettings set org.gnome.Vino vnc-password $(echo -n "mypassword"|base64)

You can now log in to your server with a VNC client such as vinagre.

The above setup can also be used with multiple remote users logging in automatically, e.g. by using multiple copies of xlogin-gitAUR’s service files in /etc/systemd/system/, each modified to log in a different user on a different X11 display and virtual terminal. With Vino, each user’s VNC server can be configured to listen on a different port as well:

$ dbus-launch gsettings set org.gnome.Vino alternative-port 5910
$ dbus-launch gsettings set org.gnome.Vino use-alternative-port true

See also