Don't point to inaccessible link in sysconfig/vncservers (#644975).

Signed-off-by: Adam Tkac <atkac@redhat.com>
2011-04-13 16:59:40 +02:00 · 2011-04-13 16:59:40 +02:00 · 6120831ded
commit 6120831ded
parent 6986f49fe0
2 changed files with 14 additions and 2 deletions
--- a/tigervnc.spec
+++ b/tigervnc.spec
@ -306,6 +306,7 @@ fi
 %changelog
 * Wed Apr 13 2011 Adam Tkac <atkac redhat com> - 1.0.90-3
 - fix wrong usage of memcpy which caused screen artifacts (#652590)
+- don't point to inaccessible link in sysconfig/vncservers (#644975)

 * Fri Apr 08 2011 Adam Tkac <atkac redhat com> - 1.0.90-2
 - improve compatibility with vinagre client (#692048)
--- a/vncserver.sysconfig
+++ b/vncserver.sysconfig
@ -6,8 +6,19 @@
 # to do that.  
 #
 # DO NOT RUN THIS SERVICE if your local area network is
-# untrusted!  For a secure way of using VNC, see this URL:
-# http://kbase.redhat.com/faq/docs/DOC-7028
+# untrusted!  For a secure way of using VNC, you should
+# limit connections to the local host and then tunnel from
+# the machine you want to view VNC on (host A) to the machine
+# whose VNC output you want to view (host B)
+#
+# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB
+#
+# this will open a connection on port 590N of your hostA to hostB's port 590M
+# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB).
+# See the ssh man page for details on port forwarding)
+#
+# You can then point a VNC client on hostA at vncdisplay N of localhost and with
+# the help of ssh, you end up seeing what hostB makes available on port 590M

 # Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.