One of the attractive features of Mac OS X is the ease with which you can integrate a Mac OS X system into a Unix environment consisting of multiple Unix workstations that typically rely on X11 for their GUI. In the previous section, for example, we explained how to log in to a remote Unix machine, launch an X11 application, and display the application on your Mac. The reverse process is also possible. You can log into a remote Mac OS X machine from another computer, launch an application on the remote Mac OS X machine, and have the application display on your local machine. The local machine, meanwhile, can be running the X Window System, Microsoft Windows, or any another platform supported by Virtual Network Computer (VNC).
VNC consists of two components :
The VNC connection is made through a TCP/IP connection.
The VNC server and viewer may not only be on different machines, but they can also be installed on different operating systems. This allows you to, for example, connect from Solaris to Mac OS X. Using VNC, you can launch and run both X11 and Aqua applications on Mac OS X, but view and control them from your Solaris box.
VNC can be installed on Mac OS X with the Fink package manager (look for the vnc package), but that version (the standard Unix version of the VNC server) only supports X11 programs, not Aqua applications. This standard Unix version of VNC translates X11 calls into the VNC protocol. All you need on the client machine is a VNC viewer. An attractive Mac-friendly alternative to the strictly X11-based VNC server is OSXvnc (http://www.redstonesoftware.com/vnc.html).
The standard Unix version of the VNC server is quite robust. Rather than interacting with your display, it intercepts and translates the X11 network protocol. (In fact, the Unix version of the server is based on the XFree86 source code.) Applications that run under the Unix server are not displayed on the server's screen (unless you set the DISPLAY environment variable to :0.0, in which case it would be displayed only on the remote server, but not on your VNC client). Instead, they are displayed on an invisible X server that relays its virtual display to the VNC viewer on the client machine. OSXvnc works in a similar manner except it supports the Mac OS X Aqua desktop instead of X11. With the OSXvnc server running on your Mac OS X system, you can use a VNC client on another system, for example, a Unix system, to display and control your Mac OS X Aqua desktop. You can even tunnel these VNC connections (both X11 and Aqua) through SSH.
5.7.1 Launching VNC
If you installed VNC on your Mac OS X system via Fink (or on any Unix system for that matter), you can start the VNC server by issuing the following command:
If you don't have physical access to the system on which you want to run the VNC server, you can login into it remotely and enter the command before logging out:
This starts the VNC server, and nohup makes sure that it continues to run after you log out. In either case, the first time you start vncserver , you need to supply a password, which you need anyway when connecting from a remote machine. (This password can be changed using the command vncpasswd .) You can run several servers; each server is identified by its hostname with a :number appended. For example, suppose you start the VNC server twice on a machine named abbott ; the first server will be identified as abbott:1 and the second as abbott:2 . You will need to supply this identifier when you connect from a client machine.
By default, the VNC server runs twm . So, when you connect, you will see an X11 desktop instead of the Mac OS X desktop. You can specify a different window manager in ~/.vnc/xstartup . To terminate the VNC server, use the following command syntax:
vncserver -kill : display
For example, to terminate abbott:1 , you would issue the following command while logged into abbott as the user who started the VNC server:
vncserver -kill :1.
22.214.171.124 VNC and SSH
VNC passwords and network traffic are sent over the wire as plaintext. However, you can use SSH with VNC to encrypt this traffic.
There is a derivative of VNC, called TightVNC, which is optimized for bandwidth conservations. (If you are using Fink, you can install it with the command fink install tightvnc ). TightVNC also offers automatic SSH tunneling on Unix and backward compatibility with the standard VNC.
If you want to tunnel your VNC connection through SSH, you can do it even without TightVNC. To illustrate this process, let's consider an example using a SUN workstation running Solaris named mrchops and a PowerBook G4 named tichops running Panther. In the following example, the VNC server is running on the Solaris machine and a VNC client on the Mac OS X machine. To display and control the remote Solaris GNOME desktop on your local Mac OS X system, do the following:
Figure 5-8. VNCDimension displaying a remote GNOME desktop
5.7.2 Connecting to the Mac OS X VNC Server
To connect to a Mac OS X machine that is running a VNC server, you will need a VNC viewer. We mentioned two Mac OS X viewers ( VNCDimension and Chicken of the VNC ) earlier, and additional Mac OS X viewers can be found on Version Tracker or MacUpdate (http://www. versiontracker .com/macosx/ or http://www.macupdate.com) by searching for "VNC". VNC or TightVNC provide viewers for Unix systems. These viewers can be used to display and control the Mac OS X Aqua desktop.
To connect, start your viewer and specify the hostname and display number, such as chops:1 or chops:2 . If all goes well, you'll be asked for your password and then be connected to the remote Mac OS X desktop. VNC connections to Mac OS X Aqua desktops can be established through SSH tunnels.
To illustrate this process, let's do the reverse of what we did in our last example; let's make an SSH-secured connection from a Solaris machine to the Mac OS X machine running the VNC server. Again, let's assume that the name of the Solaris machine is mrchops and the Mac OS X machine has a hostname of tichops.
Figure 5-9. Starting the OSXvnc server
Figure 5-10. Mac OS X desktop displayed and controlled on a Solaris GNOME desktop
A wrapper application for OSXvnc, Share My Desktop (SMD), is available from Bombich Software (http://www.bombich.com/software/smd.html) and is licensed under the GNU General Public License. This handy little application reduces launching the OSXvnc server to a one-click operation. To start the VNC server, just launch the SMD application and click the "Start Sharing" button as shown in Figure 5-11. A random password and port for the VNC server is automatically chosen . You can modify the default setting in SMD's Preferences. In particular, you can keep the password private (it is displayed as asterisks in the SMD main window), and either generate a random password (default) or specify your own password. Additionally, you can select two energy saving settings: allow the screen to dim, and allow the computer to sleep.
Figure 5-11. Share My Desktop's one click to start/stop the VNC server
If you want the VNC server to run whenever the Mac OS X system is running, SMD provides a way to install and configure a system-wide VNC server that will, optionally , start on when you boot up your Mac OS X system. To take advantage of this feature, you'll need to be logged in as an administrative user. Assuming this is the case, open the SMD application, and select File Manage System VNC Server to open the dialog window as shown in Figure 5-12.
Figure 5-12. Installing a System VNC Server with Share My Desktop
Click the lock to make changes and supply your administrative password (you must be an administrative user to do this). This pop-up window will allow you to install the VNC server and startup item, configure settings (password, port, display name, start VNC server on startup, allow the screen to dim, allow the computer to sleep), and to turn on/off the System VNC Server. If you click the Install System VNC button, the OSXvnc-server and storepasswd binaries will be installed in /usr/local/bin and a startup item in /Library/StartupItems /. A backup of the /etc/hostconfig file is also made, in case you later want to uninstall the system-wide VNC server and return to the settings you had prior to the installation of the system VNC.
The settings for the system-wide VNC server are stored in /etc/vnc_settings , and the password is stored in /etc/vnc_pass . Changing the "Start VNC server on startup" option resets the value of VNCSERVER in the / etc/hostconfig file. If you've installed the system-wide VNC server using this procedure, you can uninstall it (along with its configuration files) by clicking the "Uninstall System VNC" button in the same Manage System VNC Server pop-up window. This uninstall procedure will also restore the /etc/hostconfig , which was backed up when you installed VNC server. Since this can overwrite system configuration changes you've made since installing VNC, we suggest that you instead edit the VNCSERVER line so that it is set to -NO- instead of -YES- and restart (see Chapter 2 for more information on the hostconfig file).