In his blog post Remote meeting participants? We use Skype and VNC Rob Hooft discusses how we came to use a combination of Skype and VNC for our meetings after evaluating a couple of conferencing options. In this post I would like to follow this up with a technical overview of what’s necessary to set up your own VNC based screen sharing.
The server side
On the server you need to have an desktop environment that can be shared through VNC. This can be the X Window system with a desktop like Gnome or KDE on Linux. You also want to have the common desktop tools like a web browser, office software and a PDF viewer installed to actually share presentations or documents.
To show your desktop you will need a VNC server to which everyone can connect. We experienced with TightVNC and vnc4server. We found vnc4server to be the most stable, both of them are readily available in the software repositories of the most common Linux distributions.
To make it easy for everyone to join the conference we use a small web-page that serves to distribute a Java VNC applet to the users. Because of applet security sand-boxing the web page must reside on the same server as the VNC server. So you will need to have a web server configured as well. The web page can be really simple as showed below:
<html> <title>shared desktop</title> <body> <applet archive="TightVncViewer.jar" code="com.tightvnc.vncviewer.VncViewer" width="1024" height="768"> <param name="Port" value="5901"> <param name="Scaling Factor" value=100> <param name="View only" value="Yes"> <param name="Share desktop" value="Yes"> <param name="Show controls" value="No"> </applet> <br> <a href="http://www.tightvnc.com/">TightVNC Web Site</a> </body> </html>
The page refers to the applet TightVncViewer.jar which can be found on the TightVNC website. You also need to pay attention to the applet parameters marked in red above, and verify that they match your configuration.
If you want to have an encrypted connection you can configure the VNC Viewer to use an SSH connection. We currently don’t use it, since we simply shut down the VNC server when it is not needed. Depending on your configuration you will need to open up the HTTP port (80/tcp) and either VNC port (590x/tcp) or SSH port (22/tcp) for connections from the internet. If your server is directly connected to the internet and uses the iptables firewall a line similar to this will usually suffice:
iptables -I INPUT -p tcp -m multiport --dports 80,5901 \ -m state --state NEW \ -m comment --comment 'Web and VNC for conference' \ -j ACCEPT
To start the service you simply login with SSH and start the vncserver command. If you start vncserver for the first time you will be prompted to give a VNC password, this is the password you give to the participants in your conference to access the shared screen. If you later on want to change the password you can do so with the vncpasswd command.
After your conference is finished you can stop your vnc server with the vncserver -kill command.
The client side
On the client side not that much is needed. The watchers need a web browser with support for Java, the presenter will need an SSH connection to start up the VNC server (unless you decide to keep it always running) and a full VNC client to control the screen. Since you don’t have voice over the VNC connection we use it in combination with Skype to set up the conference call. You can use the Skype chat functionality to share link and the password to access the VNC shared screen.
Even though it has been a pretty smooth ride so far, there are some limitations you have to consider if you decide to use VNC for a shared desktop.
- The distinction between the presenter and the viewers is not implemented in the vnc4server, so it’s easy for someone to take over control if he knows the password. Connecting with a regular VNC client will give you full control, and the HTML code for the applet will expose everything one needs to know to connect, so obfuscation by changing the port won’t help a bit. TightVNC however, does make the distinction between a full control password and a view only password.
- Sometimes the screen is lagging a bit, this means sharing movies or animations might be problematic
- No sound, but we share voice through skype.
- No support for iPad, iPhone or other devices that don’t support Java.
- Clipboard support over VNC is not optimal.
If you have a server on which you can install a desktop environment, a web server and a VNC server you have a cheap conferencing solution in combination with Skype, which in our experience can compete with many commercial solutions.