Merge branch 'master' into vncserver-remove-basicauth
This commit is contained in:
Dmitry Maksyoma
@@ -1,48 +1,93 @@
|
||||
.TH vncpasswd 1 "" "KasmVNC" "Virtual Network Computing"
|
||||
.SH NAME
|
||||
vncpasswd \- change the VNC password
|
||||
vncpasswd \- setup VNC users and passwords
|
||||
.SH SYNOPSIS
|
||||
\fBvncpasswd\fR [\fIpasswd-file\fR]
|
||||
.br
|
||||
\fBvncpasswd\fR \-f
|
||||
\fBvncpasswd\fR -u [\fIusername\fR] [\fI-wnod\fR] [\fIpasswd-file\fR]
|
||||
.SH DESCRIPTION
|
||||
.B vncpasswd
|
||||
allows you to set the password used to access VNC desktops. Its default
|
||||
behavior is to prompt for a VNC password and then store an obfuscated version
|
||||
of this password to \fIpasswd-file\fR (or to $HOME/.vnc/passwd if no password
|
||||
file is specified.) The \fBvncserver\fP script runs \fBvncpasswd\fP the first
|
||||
time you start a VNC desktop, and it invokes \fBXvnc\fP with the appropriate
|
||||
\fB\-rfbauth\fP option. \fBvncviewer\fP can also be given a password file to
|
||||
use via the \fB\-passwd\fP option.
|
||||
allows you to add users and passwords used to access VNC desktops. Multiple
|
||||
users can be added, each with its own permissions. You can set view-only, use of
|
||||
mouse and keyboard allowed (-w), user managment permissions (-o). See OPTIONS
|
||||
below for details.
|
||||
|
||||
The password must be at least six characters long (unless the \fB\-f\fR
|
||||
command-line option is used-- see below), and only the first eight
|
||||
characters are significant. Note that the stored password is \fBnot\fP
|
||||
encrypted securely - anyone who has access to this file can trivially find out
|
||||
the plain-text password, so \fBvncpasswd\fP always sets appropriate permissions
|
||||
(read and write only by the owner.) However, when accessing a VNC desktop, a
|
||||
challenge-response mechanism is used over the wire making it hard for anyone to
|
||||
crack the password simply by snooping on the network.
|
||||
Its default behavior is to prompt for a VNC password and then store an
|
||||
obfuscated version of this password to \fIpasswd-file\fR (or to
|
||||
$HOME/.kasmpasswd if no password file is specified.) The \fBvncserver\fP script
|
||||
will ask you to add a user the first time you start a VNC desktop. HTTP Basic
|
||||
Authentication will be used to ask for username and password, when you connect.
|
||||
|
||||
The password must be at least six characters long (maximum of 128 characters).
|
||||
Note that the stored password is \fBnot\fP encrypted securely - anyone who has
|
||||
access to this file can trivially find out the plain-text password, so
|
||||
\fBvncpasswd\fP always sets appropriate permissions (read and write only by the
|
||||
owner.) However, when accessing a VNC desktop, a challenge-response mechanism
|
||||
is used over the wire making it hard for anyone to crack the password simply by
|
||||
snooping on the network.
|
||||
|
||||
.SH OPTIONS
|
||||
|
||||
.TP
|
||||
.B \-f
|
||||
Filter mode. Read a plain-text password from stdin and write an encrypted
|
||||
version to stdout. Note that in filter mode, short or even empty passwords
|
||||
will be silently accepted.
|
||||
.B \-u \fIname\fR
|
||||
|
||||
A view-only password must be separated from the normal password by a newline
|
||||
character.
|
||||
Specify user name. There can be multiple users.
|
||||
|
||||
.TP
|
||||
.B \-w
|
||||
|
||||
Write permission. Enable user to use mouse and keyboard. The default mode is to
|
||||
view only.
|
||||
|
||||
.TP
|
||||
.B \-o
|
||||
|
||||
Owner permission. Allow the user to add/delete users and change their
|
||||
permissions.
|
||||
|
||||
.TP
|
||||
.B \-d
|
||||
|
||||
Delete user specified with \fI-u\fR. You need the owner permission for that.
|
||||
|
||||
.TP
|
||||
.B \-n
|
||||
|
||||
Don't update their password, while updating permissions.
|
||||
|
||||
.SH FILES
|
||||
.TP
|
||||
$HOME/.vnc/passwd
|
||||
$HOME/.kasmpasswd
|
||||
Default location of the VNC password file.
|
||||
|
||||
.SH EXAMPLES
|
||||
.TP
|
||||
Create a new user foo that can to use mouse and keyboard:
|
||||
$ vncpasswd -u foo -w
|
||||
|
||||
.TP
|
||||
Create a new user foo that can view, but can't use mouse and keyboard:
|
||||
$ vncpasswd -u foo
|
||||
|
||||
.TP
|
||||
Create a new user foo that can add new users AND use mouse and keyboard:
|
||||
$ vncpasswd -u foo -ow
|
||||
|
||||
.TP
|
||||
Delete user foo
|
||||
$ vncpasswd -u foo -d
|
||||
|
||||
.TP
|
||||
Strip all permissions from user foo, making it view only. Don't touch password.
|
||||
$ vncpasswd -u foo -n
|
||||
|
||||
.TP
|
||||
Strip all permissions from user foo, making it view only. Change password.
|
||||
$ vncpasswd -u foo
|
||||
|
||||
.TP
|
||||
Add write permission for user foo. Don't touch password.
|
||||
$ vncpasswd -u foo -w -n
|
||||
|
||||
.SH SEE ALSO
|
||||
.BR vncviewer (1),
|
||||
.BR vncserver (1),
|
||||
.BR Xvnc (1)
|
||||
.BR vncconfig (1),
|
||||
|
||||
@@ -171,9 +171,9 @@ $HOME/.vnc/config
|
||||
An optional server config file wherein options to be passed to Xvnc are listed
|
||||
to avoid hard-coding them to the physical invocation. List options in this file
|
||||
one per line. For those requiring an argument, simply separate the option from
|
||||
the argument with an equal sign, for example: "geometry=2000x1200" or
|
||||
"securitytypes=vncauth,tlsvnc". Options without an argument are simply listed
|
||||
as a single word, for example: "localhost" or "alwaysshared".
|
||||
the argument with an equal sign, for example: "geometry=2000x1200". Options
|
||||
without an argument are simply listed as a single word, for example: "localhost"
|
||||
or "alwaysshared".
|
||||
.TP
|
||||
$HOME/.vnc/passwd
|
||||
The VNC password file.
|
||||
|
||||
Reference in New Issue
Block a user