|
|
@@ -47,25 +47,26 @@ arbitrary. |
|
|
|
.SH PARAMETERS |
|
|
|
|
|
|
|
.TP |
|
|
|
.B display |
|
|
|
.B \-display \fIdisplay\fP |
|
|
|
The X display name. If not specified, it defaults to the value of the |
|
|
|
DISPLAY environment variable. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B rfbport |
|
|
|
TCP port to listen for incoming VNC connections (RFB protocol). The default |
|
|
|
port is 5900. |
|
|
|
.B \-rfbport \fIport\fP |
|
|
|
Specifies the TCP port on which x0vncserver listens for connections from |
|
|
|
viewers (the protocol used in VNC is called RFB - "remote framebuffer"). |
|
|
|
The default port is 5900. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B Log |
|
|
|
Specifies which log output should be directed to which target logger, and the |
|
|
|
level of output to log. Format is \fIlog\fP:\fItarget\fP:\fIlevel\fP. |
|
|
|
Default is \fB*:stderr:30\fP (log everything to stderr, set log level to 30). |
|
|
|
Log level should be a value between 0 and 100, higher levels produce more |
|
|
|
output. |
|
|
|
.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP |
|
|
|
Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP, |
|
|
|
\fBstdout\fP or \fBsyslog\fP, and \fIlevel\fP is between 0 and 100, 100 meaning |
|
|
|
most verbose output. \fIlogname\fP is usually \fB*\fP meaning all, but you can |
|
|
|
target a specific source file if you know the name of its "LogWriter". Default |
|
|
|
is \fB*:stderr:30\fP. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B HostsFile |
|
|
|
.B \-HostsFile \fIfilename\fP |
|
|
|
This parameter allows to specify a file name with IP access control rules. |
|
|
|
The file should include one rule per line, and the rule format is one of the |
|
|
|
following: +\fIaddress\fP/\fIprefix\fP (accept connections from the |
|
|
@@ -77,110 +78,122 @@ include only an action sign (+, - or ?) will match any IP address. |
|
|
|
Default is to accept connections from any IP address. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B SecurityTypes |
|
|
|
.B \-SecurityTypes \fIsec-types\fP |
|
|
|
Specify which security scheme to use for incoming connections. Valid values |
|
|
|
are a comma separated list of \fBNone\fP, \fBVncAuth\fP, \fBPlain\fP, |
|
|
|
\fBTLSNone\fP, \fBTLSVnc\fP, \fBTLSPlain\fP, \fBX509None\fP, \fBX509Vnc\fP |
|
|
|
and \fBX509Plain\fP. Default is \fBVncAuth,TLSVnc\fP. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B rfbauth, PasswordFile |
|
|
|
.B \-rfbauth \fIpasswd-file\fP, \-PasswordFile \fIpasswd-file\fP |
|
|
|
Password file for VNC authentication. There is no default, you should |
|
|
|
specify the password file explicitly. Password file should be created with |
|
|
|
the \fBvncpasswd\fP(1) utility. |
|
|
|
the \fBvncpasswd\fP(1) utility. The file is accessed each time a connection |
|
|
|
comes in, so it can be changed on the fly. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B Password |
|
|
|
.B \-Password \fIpassword\fP |
|
|
|
Obfuscated binary encoding of the password which clients must supply to |
|
|
|
access the server. Using this parameter is insecure, use \fBPasswordFile\fP |
|
|
|
parameter instead. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B PlainUsers |
|
|
|
.B \-PlainUsers \fIuser-list\fP |
|
|
|
A comma separated list of user names that are allowed to authenticate via |
|
|
|
any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP |
|
|
|
to allow any user to authenticate using this security type. Default is to |
|
|
|
deny all users. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B pam_service, PAMService |
|
|
|
.B \-pam_service \fIname\fP, \-PAMService \fIname\fP |
|
|
|
PAM service name to use when authentication users using any of the "Plain" |
|
|
|
security types. Default is \fBvnc\fP. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B X509Cert |
|
|
|
.B \-X509Cert \fIpath\fP |
|
|
|
Path to a X509 certificate in PEM format to be used for all X509 based |
|
|
|
security types (X509None, X509Vnc, etc.). |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B X509Key |
|
|
|
.B \-X509Key \fIpath\fP |
|
|
|
Private key counter part to the certificate given in \fBX509Cert\fP. Must |
|
|
|
also be in PEM format. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B BlacklistThreshold |
|
|
|
.B \-BlacklistThreshold \fIcount\fP |
|
|
|
The number of unauthenticated connection attempts allowed from any individual |
|
|
|
host before that host is black-listed. Default is 5. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B BlacklistTimeout |
|
|
|
.B \-BlacklistTimeout \fIseconds\fP |
|
|
|
The initial timeout applied when a host is first black-listed. The host |
|
|
|
cannot re-attempt a connection until the timeout expires. Default is 10. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B QueryConnect |
|
|
|
Prompt the local user to accept or reject incoming connections. Default is |
|
|
|
off. |
|
|
|
.B \-QueryConnect |
|
|
|
Prompts the user of the desktop to explicitly accept or reject incoming |
|
|
|
connections. Default is off. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B QueryConnectTimeout |
|
|
|
.B \-QueryConnectTimeout \fIseconds\fP |
|
|
|
Number of seconds to show the Accept Connection dialog before rejecting the |
|
|
|
connection. Default is 10. |
|
|
|
connection. Default is \fB10\fP. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B AlwaysShared |
|
|
|
Always treat incoming connections as shared, regardless of the |
|
|
|
client-specified setting. Default is off. |
|
|
|
.B \-AlwaysShared |
|
|
|
Always treat incoming connections as shared, regardless of the client-specified |
|
|
|
setting. Default is off. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B NeverShared |
|
|
|
Never treat incoming connections as shared, regardless of the |
|
|
|
client-specified setting. Default is off. |
|
|
|
.B \-NeverShared |
|
|
|
Never treat incoming connections as shared, regardless of the client-specified |
|
|
|
setting. Default is off. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B DisconnectClients |
|
|
|
Disconnect existing clients if an incoming connection is non-shared. If |
|
|
|
combined with \fBNeverShared\fP then new connections will be refused while |
|
|
|
there is a client active. Default is on. |
|
|
|
.B \-DisconnectClients |
|
|
|
Disconnect existing clients if an incoming connection is non-shared. Default is |
|
|
|
on. If \fBDisconnectClients\fP is false, then a new non-shared connection will |
|
|
|
be refused while there is a client active. When combined with |
|
|
|
\fBNeverShared\fP this means only one client is allowed at a time. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B AcceptKeyEvents |
|
|
|
Accept key press and release events from clients. Default is on. |
|
|
|
.B \-AcceptKeyEvents |
|
|
|
Accept key press and release events from clients. Default is on. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B AcceptPointerEvents |
|
|
|
Accept pointer events from clients. Default is on. |
|
|
|
.B \-AcceptPointerEvents |
|
|
|
Accept pointer press and release events from clients. Default is on. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B RemapKeys |
|
|
|
Comma-separated list of incoming keysyms to remap. Mappings are expressed as |
|
|
|
two hex values, prefixed by \fB0x\fP, and separated by \fB->\fP (`dash' and |
|
|
|
`greater than' characters). |
|
|
|
.B \-RemapKeys \fImapping |
|
|
|
Sets up a keyboard mapping. |
|
|
|
.I mapping |
|
|
|
is a comma-separated string of character mappings, each of the form |
|
|
|
.IR char -> char , |
|
|
|
or |
|
|
|
.IR char <> char , |
|
|
|
where |
|
|
|
.I char |
|
|
|
is a hexadecimal keysym. For example, to exchange the " and @ symbols you would specify the following: |
|
|
|
|
|
|
|
.RS 10 |
|
|
|
RemapKeys=0x22<>0x40 |
|
|
|
.RE |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B RawKeyboard |
|
|
|
.B \-RawKeyboard |
|
|
|
Send keyboard events straight through and avoid mapping them to the current |
|
|
|
keyboard layout. This effectively makes the keyboard behave according to the |
|
|
|
layout configured on the server instead of the layout configured on the |
|
|
|
client. Default is off. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B Protocol3.3 |
|
|
|
Always use RFB protocol version 3.3 for backwards compatibility with |
|
|
|
badly-behaved clients. Default is off. |
|
|
|
.B \-Protocol3.3 |
|
|
|
Always use protocol version 3.3 for backwards compatibility with badly-behaved |
|
|
|
clients. Default is off. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B Geometry |
|
|
|
.B \-Geometry \fIgeometry\fP |
|
|
|
This option specifies the screen area that will be shown to VNC clients. The |
|
|
|
format is |
|
|
|
.B \fIwidth\fPx\fIheight\fP+\fIxoffset\fP+\fIyoffset\fP |
|
|
@@ -190,68 +203,70 @@ assumed by default (top left corner). If the argument is empty, full screen |
|
|
|
is shown to VNC clients (this is the default). |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B MaxProcessorUsage |
|
|
|
.B \-MaxProcessorUsage \fIpercent\fP |
|
|
|
Maximum percentage of CPU time to be consumed when polling the |
|
|
|
screen. Default is 35. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B PollingCycle |
|
|
|
.B \-PollingCycle \fImilliseconds\fP |
|
|
|
Milliseconds per one polling cycle. Actual interval may be dynamically |
|
|
|
adjusted to satisfy \fBMaxProcessorUsage\fP setting. Default is 30. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B CompareFB |
|
|
|
.B \-CompareFB \fImode\fP |
|
|
|
Perform pixel comparison on framebuffer to reduce unnecessary updates. Can |
|
|
|
be either \fB0\fP (off), \fB1\fP (always) or \fB2\fP (auto). Default is |
|
|
|
\fB2\fP. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B UseSHM |
|
|
|
.B \-UseSHM |
|
|
|
Use MIT-SHM extension if available. Using that extension accelerates reading |
|
|
|
the screen. Default is on. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B ZlibLevel |
|
|
|
.B \-ZlibLevel \fIlevel\fP |
|
|
|
Zlib compression level for ZRLE encoding (it does not affect Tight encoding). |
|
|
|
Acceptable values are between 0 and 9. Default is to use the standard |
|
|
|
compression level provided by the \fBzlib\fP(3) compression library. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B ImprovedHextile |
|
|
|
.B \-ImprovedHextile |
|
|
|
Use improved compression algorithm for Hextile encoding which achieves better |
|
|
|
compression ratios by the cost of using slightly more CPU time. Default is |
|
|
|
on. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B IdleTimeout |
|
|
|
The number of seconds after which an idle VNC connection will be dropped |
|
|
|
(zero means no timeout). Default is 0. |
|
|
|
.B \-IdleTimeout \fIseconds\fP |
|
|
|
The number of seconds after which an idle VNC connection will be dropped. |
|
|
|
Default is 0, which means that idle connections will never be dropped. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B MaxDisconnectionTime |
|
|
|
.B \-MaxDisconnectionTime \fIseconds\fP |
|
|
|
Terminate when no client has been connected for \fIN\fP seconds. Default is |
|
|
|
0. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B MaxConnectionTime |
|
|
|
.B \-MaxConnectionTime \fIseconds\fP |
|
|
|
Terminate when a client has been connected for \fIN\fP seconds. Default is |
|
|
|
0. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B MaxIdleTime |
|
|
|
.B \-MaxIdleTime \fIseconds\fP |
|
|
|
Terminate after \fIN\fP seconds of user inactivity. Default is 0. |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B ClientWaitTimeMillis |
|
|
|
The number of milliseconds to wait for a client which is no longer |
|
|
|
responding. Default is 20000. |
|
|
|
.B \-ClientWaitTimeMillis \fItime\fP |
|
|
|
Time in milliseconds to wait for a viewer which is blocking the server. This is |
|
|
|
necessary because the server is single-threaded and sometimes blocks until the |
|
|
|
viewer has finished sending or receiving a message - note that this does not |
|
|
|
mean an update will be aborted after this time. Default is 20000 (20 seconds). |
|
|
|
. |
|
|
|
.TP |
|
|
|
.B AcceptCutText |
|
|
|
.B \-AcceptCutText |
|
|
|
.TQ |
|
|
|
.B SendCutText |
|
|
|
.B \-SendCutText |
|
|
|
.TQ |
|
|
|
.B MaxCutText |
|
|
|
.B \-MaxCutText |
|
|
|
Currently unused. |
|
|
|
|
|
|
|
.SH SEE ALSO |