This option, if unticked, prevents the VNC Server from informing clients of changes to its local clipboard contents. This can be useful when untrusted clients are to be allowed to connect to the VNC Server, since it prevents any private data being accidentally leaked via the clipboard.
This option determines whether keyboard and mouse events received from VNC Viewers can cause the screen-saver to be hidden. This option is actually a system-wide setting and is not implemented by VNC Server itself, so there is no equivalent command-line option.
Some older Win32 platforms do not support this option. It is recommended that this check-box be ticked, so that the screen-saver can be disabled by VNC Viewer input. The mouse and keyboard physically attached to the server computer can be disabled for the duration of a remote connection, preventing local users from interacting with the computer.
If this option is set then all incoming connections will be treated as shared, and thus not disconnect any existing connections, regardless of whether the connecting VNC Viewer requested that the connection be shared. If this option is set then all incoming connections will be treated as non-shared. VNC Server will therefore either disconnect any existing connections, or refuse the incoming connection, depending on whether non-shared connections are configured to replace existing ones see below.
When connecting, VNC Viewer specifies whether the connection should be shared or non-shared. If this setting is configured then the VNC Viewer's preference will be respected.
If an incoming connection is to be shared either by choice or because AlwaysShared is set then existing connections remain active. If a connection is non-shared either by choice or because NeverShared is set then either the new connection must be rejected, or existing clients disconnected. If this setting is configured then existing clients will be disconnected when a new non-shared connection is made.
Otherwise, they will remain, and the new connection will fail. Decorations such as wallpaper or font smoothing effects can make it harder for VNC Server to compress graphical data for trasmission to viewers. For viewers connected over slower networks, this can significantly degrade the apparent performance of the server. VNC Server can therefore simplify the desktop in several ways, to improve performance. This option causes VNC Server to remove any standard wallpaper bitmap that is set, as well as to disable Active Desktop components.
This option causes VNC Server to set the desktop background to a plain pattern while conenctions are active. This option causes VNC Server to disable desktop decorations such as font smoothing, window titlebar shading, menu animation, and so on. These options are used to ensure that if VNC connections to a server are closed because of a network error, idle timeout, or even deliberately, then the computer will be left in as secure a state as possible.
On Windows and above, it is possible for VNC Server to lock the workstation, leaving the current user logged in but requiring that their password be re-entered in order to access their programs or data.
Alternatively, VNC Server can completely logoff the current user when there are no more VNC viewers connected, closing any running programs and leaving the workstation ready for another user to log in. VNC Server is designed to support a variety of techniques for tracking changes to the local desktop. This release supports basic polling of the screen for changes, as well as the classic VNC Hooks technique. If this option is selected then VNC Server will poll strips of the screen for changes.
The polling mechanism attempts to minimize the load on the server computer while delivering a reasonable level of responsiveness. This scheme is more efficient than continuous polling but relies on certain properties of Windows applications and so can "miss" updates in some situations.
VNC Hooks will also poll the screen infrequently to catch any missed updates. The VNC Hooks hooking technique cannot track console windows because of limitations in the operating system. Instead, console windows may be polled for changes. The first specification to match the address of the new connection determines the action that will performed. The pattern given above allows the computer with address All other connections are rejected by the - term, which is actually redundant in this case - a connection will always be rejected if it doesn't match anything in the Hosts pattern.
Note that IP addresses and masks are specified in Type-A xxx. The specification The Hosts pattern can be edited more easily through the Access Control interface, which allows IP address specifications to be edited individually and moved up to match first or down to match last the list. The Security page allows you to configure the required mode of authentication and level of security of VNC connections.
Connections can also be encrypted if required, to ensure secure operation even over untrusted networks. If your VNC Server is operating in a protected environment, such as a secure LAN or firewall-protected network, then you may wish to configure VNC Server to accept connections without requiring a username or password to be specified. This might be useful when tunnelling VNC over a secure protocol such as SSH, for example, to remove one redundant level of authentication.
We advise extreme caution when disabling authentication. Do not disable it unless you are absolutely sure that the host network is completely secure. VNC Password Authentication allows a single password of up to characters to be stored by VNC Server, which remote users must supply when prompted in order to authenticate. This authentication scheme is also compatible with older VNC Viewers, with the limitation that only the first 8 characters of the password are considered when authenticating legacy viewers, for compatibility reasons.
Legacy Viewers will not be able to connect if Encryption is set to Always On. The password to use can be configured by selecting Set Password and typing the new password twice. On platforms which support it, the password and all other configuration options are protected using native operating system security methods, so that the password cannot be read or tampered with by other users. This is known as the NtLogon authentication method.
NtLogon allows different access rights to be granted to different users or groups of users. NtLogon can be configured by selecting Access Control and using the standard Windows security interface to assign the required access rights to each user or group. The username and password supplied to NtLogon will be encrypted regardless of whether or not the session is to be encrypted.
AES is used in EAX-mode, a well-defined and provable system for ensuring that session data cannot be tampered with by an intermediary. New session keys are generated fro each session. By caching the RSA public keys of servers to which they have previously connected, VNC Viewers can verify the identity of the server before exchanging sensitive data with it.
This verification is required to prevent server spoofing and other man-in-the-middle attacks. This can be used to generate an initial set of keys for a host, or to replace an existing set of keys.
The user will be prompted before keys are replaced, and before generating keys. Note that replacing existing keys will cause Viewers that have previously connected to the Server to warn the user when they next attempt to connect. By default, VNC Server allows Viewers to connect as long as the correct username and password are supplied.
QueryConnect allows an extra level of protection to be applied, requiring a local user to explicitly accept incoming connections. Capabilities Summary Device access and instant support together cover every remote access use case Device access Access computers you own or manage at any time, from anywhere Instant support Quickly access anyone's computer without installing remote access software.
Provide a consolidated remote access strategy that evolves with your business Remote access tutorial New to remote access? Read our one-stop-shop tutorial Customer success stories Learn how our customers save time and money, increase efficiency and reduce risk Competitor comparisons See how we provide better value that TeamViewer, LogMeIn, Bomgar and more Marketing resources All our whitepapers, product brochures, ebooks and webinars in one place.
Our partners Resellers See a list of all our reseller partners around the world Distributors See a list of all our distributor partners around the world. For more information, please read our privacy policy. Got it. Download VNC Server 6. Related downloads Policy template files Remotely configure and lock down programs using policy.
RealVNC Products. Solutions for Windows The quick and easy way to connect to a Windows remote desktop from your tablet, PC, or smartphone macOS Seamlessly connect to and support your macOS computers from any location or device Linux Powerful and fast access to your remote desktops in Linux Raspberry Pi Educate, monitor and innovate — instantly connect to and control all your remote Raspberry Pi devices Education Secure, easy-to-use remote access software for educational institutions Integrators and OEMs Build remote access into your own products and services Home subscribers Free for non-commercial use on up to 5 devices.
Communications Blog Business and technology insights to help evolve your remote access strategy Press releases All our latest product and company news Media coverage Publications we've featured in, and industry news related to remote access. Careers Current opportunities We're hiring! Join our world-class, multi-disciplinary team in Cambridge, UK Employee benefits Details of our standard benefits package.
0コメント