diff options
| author | runge <runge@karlrunge.com> | 2009-12-18 11:46:10 -0500 |
|---|---|---|
| committer | runge <runge@karlrunge.com> | 2009-12-18 11:46:10 -0500 |
| commit | 06987b1c0216429e6744bf5a2c306d0e6853f879 (patch) | |
| tree | f2a3f6e24d5742c4297130cdfc5673550ca53bae /x11vnc/x11vnc.1 | |
| parent | d6c012e9688d32d80c288541615c01cd082ecf0a (diff) | |
| download | libtdevnc-06987b1c0216429e6744bf5a2c306d0e6853f879.tar.gz libtdevnc-06987b1c0216429e6744bf5a2c306d0e6853f879.zip | |
x11vnc: fix keycode and other remote control actions under
DIRECT: with an extra XFlush and other safety measures.
fflush(stderr) much in su_verify. Make the -unixpw env. vars
UNIXPW_DISABLE_SSL and UNIXPW_DISABLE_LOCALHOST work correctly.
Make -loopbg actually imply -bg.
Diffstat (limited to 'x11vnc/x11vnc.1')
| -rw-r--r-- | x11vnc/x11vnc.1 | 33 |
1 files changed, 18 insertions, 15 deletions
diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1 index f60842e..81f2af9 100644 --- a/x11vnc/x11vnc.1 +++ b/x11vnc/x11vnc.1 @@ -2,7 +2,7 @@ .TH X11VNC "1" "December 2009" "x11vnc " "User Commands" .SH NAME x11vnc - allow VNC connections to real X11 displays - version: 0.9.9, lastmod: 2009-12-14 + version: 0.9.9, lastmod: 2009-12-17 .SH SYNOPSIS .B x11vnc [OPTION]... @@ -1006,24 +1006,27 @@ To override the above restrictions you can set environment variables before starting x11vnc: .IP Set UNIXPW_DISABLE_SSL=1 to disable requiring either -\fB-ssl\fR or \fB-stunnel.\fR Evidently you will be using a -different method to encrypt the data between the -vncviewer and x11vnc: perhaps +\fB-ssl\fR or \fB-stunnel\fR (as under SSH_CONNECTION.) Evidently +you will be using a different method to encrypt the +data between the vncviewer and x11vnc: perhaps .IR ssh (1) -or an IPSEC VPN. -.IP -Note that use of \fB-localhost\fR with -.IR ssh (1) -is roughly -the same as requiring a Unix user login (since a Unix -password or the user's public key authentication is -used by sshd on the machine where x11vnc runs and only -local connections from that machine are accepted). +or an IPSEC VPN. \fB-localhost\fR is still enforced (however, +see the next paragraph.) .IP Set UNIXPW_DISABLE_LOCALHOST=1 to disable the \fB-localhost\fR -requirement in Method 2). One should never do this +requirement in \fB-unixpw\fR modes. One should never do this (i.e. allow the Unix passwords to be sniffed on the -network.) +network.) This also disables the localhost requirement +for reverse connections (see below.) +.IP +Note that use of \fB-localhost\fR with +.IR ssh (1) +(and no \fB-unixpw)\fR +is roughly the same as requiring a Unix user login +(since a Unix password or the user's public key +authentication is used by sshd on the machine where +x11vnc runs and only local connections from that machine +are accepted). .IP Regarding reverse connections (e.g. \fB-R\fR connect:host and \fB-connect\fR host), when the \fB-localhost\fR constraint is |