Tuesday, May 14, 2013

SPICE client for Android in Google Play? Look no further than aSPICE, the first and only one to have landed in Google Play!

To anybody who chances upon this blog entry, I wanted to announce the first Android SPICE client in Google Play called aSPICE and available here:

https://play.google.com/store/apps/details?id=com.iiordanov.aSPICE

It is sure to have some defects at the beginning, so please send your constructive comments through the Send Email link in Google Play.

Also, please excuse the higher price, but there was a steep learning curve and a large investment of time up until this point, and a much larger investment in time in the future to support the project.

If the project sees support, I will be working on simplifying the glue between the UI and the native layer which will result in better stability, higher performance, and hopefully upgradability/maintainability of the native layer.

For reference, the free and donation versions of aSPICE's sister projects bVNC and aRDP:

https://play.google.com/store/search?q=bVNC+aRDP


Sunday, March 24, 2013

Generating and importing RSA/DSA SSH keys into bVNC Secure

Apart from being able to generate its own SSH keys in RSA and DSA format (tap the "Manage Key" button in VNC over SSH mode), versions v3.0.5 and newer of my VNC client, bVNC Secure, can import RSA/DSA keys as well. This guide will show you how such keys are generated and imported into bVNC Secure.

bVNC Secure is an Android and Blackberry Playbook/OS 10 application, available on Google Play and App World respectively. Find it on your mobile device or here:

Google Play, for devices running Android 2.2 and up, or here:

App World for BB Playbook and OS 10 devices.


Generating supported key types in a supported format:

- Encrypted RSA keys in PEM format, obtainable with the following command:
  ssh-keygen -t rsa -b 4096 -f SOMEFILE
When prompted for a pass-phrase enter one of your choice which will be needed to make use of the key when using it to connect.

- Non-encryped RSA keys in PEM format obtainable with the following command:
  ssh-keygen -t rsa -b 4096 -f SOMEFILE
When prompted for a pass-phrase, press enter (twice).

- Non-encryped RSA/DSA keys in PKCS#8 format, obtainable with:
  ssh-keygen -t dsa -b 1024 -f TEMP
  openssl pkcs8 -topk8 -nocrypt > SOMEFILE < TEMP

Importing the key stored in SOMEFILE into bVNC by:

- copying it to the "Download" directory on your smartphone or tablet
- Creating a connection of type VNC over SSH
- Tapping "Manage key"
- Typing SOMEFILE into the text field marked "Filename in Download directory"
- If your key is encrypted, entering your passphrase in the text-field marked "Passphrase"
- Tapping "Import".

Saturday, March 23, 2013

Setting up TigerVNC for secure connections to Windows with bVNC

This guide is for configuring TigerVNC on Windows for secure VNC connection using bVNC Secure/Free bVNC Secure, but is completely applicable to any VNC client that supports VeNCrypt. Only the VNC client configuration would be different.

bVNC Secure is an Android and Blackberry Playbook/OS 10 application, available on Google Play and App World respectively. Find it on your mobile device or here:

Google Play, for devices running Android 2.2 and up, or here:

App World for BB Playbook and OS 10 devices.


Setting up TigerVNC:
 

- Download and install the latest TigerVNC from Sourceforge:
  https://sourceforge.net/projects/tigervnc/files/

  As of the latest update to this document, the latest Windows exe file is:

  https://sourceforge.net/projects/tigervnc/files/stable/1.12.0/tigervnc64-winvnc-1.12.0.exe/download

  Please note that if you have issues with the latest version, you may try to install a previous version of TigerVNC

- If Bitdefender stops you from running the installer, right-click on the file, click Properties, and tick the "Unblock" checkbox. Hit Apply, and run the installer again.

- Find and run "Register VNC Service" from the Start bar

- Find and run "Run VNC Server" from the Start bar

- When prompted, allow connectivity on whatever networks you will need to be able to access the PC (private, public, or both). Selecting both allows connections anywhere.

- Then, when the TigerVNC icon shows up in the task-bar (it is an eye of a tiger), right-click on it, select "Options", and configure it as shown in the screen-shot below. Note I've clicked on "Configure" to set a password.

- Important! Since you're reading this, you must be conscious about security. Set an exactly 8-character password using no dictionary words and preferably containing numbers and punctuation and other symbols for enhanced security. Write down this password as you will need it in the last step.

Click on the screen-shot below to see the whole image:



Configuring Windows Firewall:

    - Open the Control Panel.
    - Find and open "Windows Firewall"
    - Click on the "Exceptions" tab.
    - Click on "Add Port", name the rule something like "VNC", and enter 5900 in the port, and click "OK".

Click on the screen-shot for an illustration below:



Finally, configuring bVNC:

    - Create a New Connection in bVNC.
    - Under "Connection Type", select "Secure VNC over VeNCrypt".
    - Enter the IP address of the computer where you installed TigerVNC in the "VNC Server" field. You can find the ip like this.
    - Don't enter a "VNC Username"
    - Enter the password you set in the previous step into the "VNC Password" field.
    - Tap connect and you should be happily connected over an encrypted channel.


Additional notes for connecting over the Internet:

- If you need to connect to your computer over the Internet and you have a router, you need to forward a port on the router to your internal computer running TigerVNC. Do a Google search for how to forward a port on your particular router model.

- If you are connecting over the Internet, consider forwarding a non-standard external port to port 5900 of the machine running TigerVNC. This way, it will be less likely hackers will attack your TigerVNC service to try to crack your password. For example, forward a random-looking 5-digit port number like 62563 to port 5900 of the computer running TigerVNC.

- You also need to discover your external IP address (you can do a Google search for "what is my ip".

- If your external IP address changes (it is dynamic), it is also advisable to set up "Dynamic DNS" which will track your external IP address so you don't have to rediscover it when it changes.

Sunday, March 3, 2013

Chef cookbook for AutoX (like NX) with x11vnc, ssvnc, and bVNC

I've created a Chef cookbook available here:

https://github.com/iiordanov/autox-cookbook

which will automatically configure your system for AutoX (NX-like functionality) over VNC. The back-end is handled by x11vnc in combination with Xvfb or Xvnc, and for a client, use my bVNC Secure softwarre on Android/Blackberry 10, and ssvnc on Linux, Mac, and Windows.