Hi,
Thanks for sharing this pre-release build and thanks very much for all of the
hard work that went into it!
I am particularly interested in a couple of things being addressed in this
release:
1. The user-friendly Mac OS X VNC viewer, thanks to the Java implementation. :-D
2. The "built-in SSH tunnelling support".
so I thought I'd make some comments on my first impressions.
1. The Mac OS X Java VNC viewer
I tried the Java VNC viewer app on my Mac (OS X 10.7.4), running Java runtime
environment v1.6.0_33. Everything worked really well, except that when I
connected to a non-TurboVNC VNC server (*), most of the VNC screen was black
initially, until I clicked the screen in a few places, which caused it to
refresh, then everything worked fine.
(*) Mac OS X 10.6.8's
/System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/MacOS/AppleVNCServer
I have to admit that Apple's 2010 announcement "deprecating" Java from Mac OS X
and banning it from the App Store left a sour taste in my mouth (as I was a
full-time Java developer at the time, targeting Mac OS X), but you have clearly
demonstrated that Java is still worth considering for Mac OS X GUIs - thanks!
Until I heard about this (preview) release, my approach has been to develop a
wxPython / {py2app, py2exe, pyinstaller} GUI to create an SSH tunnel and launch
the command-line version of TurboVNC. Part of the motivation for this wxPython
GUI is quickly disappearing, now that you are providing a double-clickable
TurboVNC app for Mac OS X, but my GUI still has some specialised functionality
which will keep it alive for the time being. The source code for this wxPython
GUI will be made public soon, but it may be too specialised to be of general
interest.
The wxPython-launching-TurboVNC approach seems to work well - some of my
colleagues already use my GUI regularly, although transmitting a password via
-autopass is not as secure as hooking directly into an API, and some TurboVNC
options seem to be missing from the Mac / X11 version of TurboVNC's vncviewer,
e.g. "scale" and "span". It appears that if I switch my GUI to use the Java
command-line TurboVNC viewer, instead of the X11 version, the "scale" option
will now be available on Mac OS X, but the "span" option still won't be
available, and if I switch to the Java viewer, I will be adding a new
dependency - the Java runtime environment, which is no longer installed
automatically on Mac OS X (since OS X 10.7).
One thing my users have requested is the ability to set the server-side display
geometry from the client-side GUI, which I accomplish by using a Python SSH
module to run a "sed" command on the (Linux) server to ensure that the desired
geometry settings are set in ~/.vnc/turbovncserver.conf.
Another thing my wxPython GUI does is allow a choice of SSH ciphers for the
tunnel (e.g. 3des, blowfish, arcfour), because they can affect performance.
2. The "built-in SSH tunnelling support".
I assume that despite the "built-in" description, you are still calling an
external SSH binary, rather than an SSH API? I notice that you include
"putty.exe" with the Windows distribution of TurboVNC. I prefer the Cygwin
OpenSSH, e.g. this build:
http://sshwindows.webheat.co.uk/display/sshwindows/OpenSSH+for+Windows for the
following reasons:
- Neither PuTTY.exe, nor its command-line alternative PLink.exe understands
OpenSSH keys, e.g. a key pair generated on the (Linux) server side, using
ssh-keygen
- Although PuTTYgen.exe is capable of importing OpenSSH keys, it doesn't have a
command-line interface (or API), only a GUI, so it is not scriptable.
My wxPython GUI currently requires a username (saved in local settings for
re-use next time the application launches), and a password, even if the user
has set up an SSH key pair with an empty passphrase (to avoid having to enter a
password for SSH login). As far as I know, I can't use an SSH private key to
bypass TurboVNC 1.1's Unix/PAM authentication. (I know it is possible to use
the "passwd" option if using standard VNC authentication, but our server only
allows Unix/PAM authentication). It is not clear to me from the command-line
help for the Java VNC Viewer (java -jar VncViewer.jar -?) whether it will be
possible to use an SSH key-pair instead of entering a password for TurboVNC
servers requiring Unix/PAM authentication. If it is possible, it would be nice
to see a simple list of steps somewhere in the documentation, e.g. 1. Run
ssh-keygen on the server, 2. Download the private key and delete it from the
server, etc. etc.
Kind regards,
James
On 05/08/2012, at 10:41 AM, DRC wrote:
> http://www.virtualgl.org/DeveloperInfo/PreReleases
…
> Major new changes:
…
> -- All-new Java viewer code base, which contains most if not all of the
> existing TurboVNC features, as well as:
…
> * Built-in SSH tunneling support (currently has to be used from the
> command line. Looking for funding to expand this into the GUI and add
> SSH key, i.e. password-less login, support)
...
> * Packaged as a stand-alone app on Mac (fully self-contained, with
> the Java code as well as the libjpeg-turbo JNI code included in the
> app), so the app can be used as a user-friendly alternative to the X11
> TurboVNC Viewer.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
VirtualGL-Devel mailing list
VirtualGL-Devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/virtualgl-devel
