From 6120831dedcf938075e01f210eef543b1ce76acc Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Wed, 13 Apr 2011 16:59:40 +0200 Subject: [PATCH] Don't point to inaccessible link in sysconfig/vncservers (#644975). Signed-off-by: Adam Tkac --- tigervnc.spec | 1 + vncserver.sysconfig | 15 +++++++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/tigervnc.spec b/tigervnc.spec index 62c814f..16e5f59 100644 --- a/tigervnc.spec +++ b/tigervnc.spec @@ -306,6 +306,7 @@ fi %changelog * Wed Apr 13 2011 Adam Tkac - 1.0.90-3 - fix wrong usage of memcpy which caused screen artifacts (#652590) +- don't point to inaccessible link in sysconfig/vncservers (#644975) * Fri Apr 08 2011 Adam Tkac - 1.0.90-2 - improve compatibility with vinagre client (#692048) diff --git a/vncserver.sysconfig b/vncserver.sysconfig index 5940a1e..bc0b22d 100644 --- a/vncserver.sysconfig +++ b/vncserver.sysconfig @@ -6,8 +6,19 @@ # to do that. # # DO NOT RUN THIS SERVICE if your local area network is -# untrusted! For a secure way of using VNC, see this URL: -# http://kbase.redhat.com/faq/docs/DOC-7028 +# untrusted! For a secure way of using VNC, you should +# limit connections to the local host and then tunnel from +# the machine you want to view VNC on (host A) to the machine +# whose VNC output you want to view (host B) +# +# [user@hostA ~]$ ssh -v -C -L 590N:localhost:590M hostB +# +# this will open a connection on port 590N of your hostA to hostB's port 590M +# (in fact, it ssh-connects to hostB and then connects to localhost (on hostB). +# See the ssh man page for details on port forwarding) +# +# You can then point a VNC client on hostA at vncdisplay N of localhost and with +# the help of ssh, you end up seeing what hostB makes available on port 590M # Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.