Hack 40. Control Your Computer Remotely
Have you ever wanted to do something on your computer from across the room? How about from the other side of the world?
It can be useful to be able to access your desktop machine remotely. You could checkserver logs, restart failed services, or even post to your weblog [Hack #39]. If you have a home network, you can set up all of your computers so that they are accessible remotely.
VNC (Virtual NetworkComputing) is an open-source application that is designed to allow one machine to control another machine over a network. It was originally developed at Bell Labs. VNC is also useful for collaboration. Multiple viewers (clients) can connect to the same server. Each viewer has its own cursor. You can use these cursors to point to content on the remote machine. The viewers display the cursors for all of the other viewers as well. Each cursor is displayed differently from the others so you can tell them apart.
The server side comes in Windows, Mac, and Linux flavors. You can download these versions and get more information from the main VNC web site (http://www.realvnc.com). There are other versions of VNC available as well. For Windows and Linux machines, there is TightVNC (http://www.tightvnc. com). For Windows, there is also UltraVNC (http://www.ultravnc.com). UltraVNC supports server-side scaling. For Macs, you will need OSXvnc (http://www.redstonesoftware.com/vnc.html). The built-in VNC on Macs doesn't work with PalmVNC.
You will also need an application to access the server. In typical computerspeak, this application would be called the client, but VNC uses the term viewer instead. The Palm viewer is called PalmVNC (http://palmvnc2.free.fr). You can also download UltraVNC for Windows with PalmVNC.
6.8.1. Set Up VNC on Your Desktop
To access your desktop remotely, you need to know its external IP address. If you have a single computer which is directly connected to the Internet and has a static IP address, that's easy. All you have to do is lookup your IP address in the appropriate place and write it down for use in setting up PalmVNC.
If you have a dynamic IP address (e.g., your home computer is sitting behind a router), the situation is a little more complicated. You need to consider using an IP publishing service (see the "IP Addresses" sidebar). An IP publishing service will typically let you choose a hostname within their domain. You end up with a name like hostname.domainname.com. Keep this symbolic address handy for setting up PalmVNC.
Download and install the appropriate version of VNC on your desktop machine. After VNC has finished installing, run the configuration part of it. You will be able to choose a password for VNC, as you can see in Figure 6-29. Choose a good password (at least eight characters and a mixture of upper-and lower-case characters, numbers, and punctuation). This password is all that is needed to access your machine over the Internet, so choose carefully. Either write it down or remember ityou will need the password when configuring PalmVNC.
Setting up OSXvnc on a Mac. When you run OSXvnc, you will see a screen similar to Figure 6-30. Select a display number (usually 1) and port (usually 5901). Set a passwordthis is the password which you will use when you log in from PalmVNC.
When your Mac is set up, then you can proceed to setting up PalmVNC (explained later in this hack). When everything is working and you are connected, you should see a screen on your Palm device that looks like Figure 6-31.
Figure 6-29. VNC server configuration under Windows
Figure 6-30. OSXvnc general setup screen
Figure 6-31. Viewing a Mac desktop with PalmVNC
Securing the connection. You will need to open some ports in your firewall for VNC. VNC itself needs access to ports 5900-5902. By default, VNC sends information (including passwords) as plaintext. You can use ssh (a secure protocol that can encapsulate other types of connections such as VNC; see http://www.openssh.org for more information) instead for more security. You will need to open port 22 in your firewall for ssh, if you have not already done so.
Some of the servers (notably TightVNC) have ssh setup by default. For other VNC servers, the process is fairly simple. From the client side of a desktop machine, you want to run something similar to the following:
ssh L 5902:localhost:5901 remotehost l username
PalmVNC comes with a plug-in that does RSA-40 encryption. If you want more security than that, you can tunnel your VNC connection through a VPN.
Whenever VNC is running, it will lookfor incoming connections. If you have a personal firewall (Norton Internet Security, ZoneAlarm, or others), you will need to set the firewall to allow VNC to access the Internet. If you have a port-based firewall, you will need to allow access to the ports that VNC uses. By default, VNC uses ports 5900 and 5800 (port 5800 is only used for a Java-based viewer), but you can change those ports if you want to under the Connections tab.
Setting up VPN. There is a Palm VPN client called Mergic VPN (http://www.mergic.com). To set up a VPN, you need to have an externally visible IP address for your desktop machine. Enter that IP address into Mergic VPN in the area titled VPN Server Name or Address, as shown in Figure 6-32. You can create multiple VPN accounts for connecting to different machines. Set the account name in the Account edit box. Note that this name is only used to distinguish between different setups in Mergic. The actual username for logging into VNC goes into the User Name field. You can also choose to have Mergic VPN autoconnect to the server when specific applications are run.
Figure 6-32. Setting up Mergic VPN
You can run PalmVNC using the VPN from Mergic. You can see Mergic VPN being set to run automatically whenever PalmVNC runs in Figure 6-33.
You also need to configure a VPN service on your desktop machine.
Setting up VPN on Windows XP. Windows XP comes with VPN available by default. Start by creating a new networkconnection (from the Network Connections section of the Control Panel). Select an Advanced Connection, as you can see in Figure 6-34. The next dialog box lets you select the advanced connection options. Select Accept incoming connections, as you can see in Figure 6-35. Next, choose the device that you want to allow VPN connections from. Then, you will need to allow VPN connections in the following dialog box, shown in Figure 6-36. After that, select the users that you want to allow to use VPN. You will need one of these usernames (and the corresponding password) when you set up Mergic VPN. The final steps are to allow access to different types of services (at a minimum you need TCP/ IPothers are your choice) and to set up the IP address for your computer.
Figure 6-33. Setting up MergicVPN to autoconnect whenever PalmVNC is run
Figure 6-34. Selecting an advanced connection to set up VPN in Windows XP
Figure 6-35. Selecting Accept incoming connections from the Advanced Connection Options dialog box
Figure 6-36. Allowing incoming VPN connections in Windows XP
6.8.2. Set Up PalmVNC
Download PalmVNC from http://palmvnc2.free.fr. Unzip it and install palmvnc.prc onto your Palm device.
Connect your Palm device to the Internet [Hack #34] and run PalmVNC. Set up a new connection to your desktop machine, as you can see in Figure 6-37. Enter the IP address for your desktop machine and the password you used when setting up the VNC server, and then tap OK and Connect from the next form. If everything is working, you should now see your desktop on your Palm device.
You can move around the desktop by using the narrow scrollbars on the right and bottom of the screen. If you set up server-side scaling when you were configuring the server, then you can select from PalmVNC's menus (or the Advanced dialog box, as seen in Figure 6-38) to take advantage of scaling. At 1:2 scaling, you can view a 640 x 640 desktop on a 320 x 320 Palm device or even up to a 640 x 960 desktop on a 320 x 480 Palm device. That's large enough to see (and do) a decent amount.
Figure 6-37. Setting up a PalmVNC connection
Figure 6-38. Advanced connection properties in PalmVNC
No matter which operating system your desktop is running, you can still control it with PalmVNC and an appropriate server. Make sure that you use an appropriate level of security for the environment you are in (running over a local network or running over the Internet).