This is woefully incomplete.
If you are using Fx4 or earlier, you need to use a WebSocket Flash emulator and thus you will need to serve a Flash policy. A simple policy server is shipped in this package, try:
$ sudo twistd -n flashpolicy
To start the server, try:
$ twistd -n vncap
By default, the daemon runs on TCP port 8888, bound only to localhost. Here are some examples for customizing the control port.
Running on TCP port 8000, bound to localhost:
$ twistd -n vncap -c tcp:8000:interface=localhost
Running on a local UNIX socket:
$ twistd -n vncap -c unix:/tmp/vncap.sock
Requirements:
- Twisted 10.2 or newer
- txWS 0.6 or newer
If your distribution insists on splitting Twisted into multiple packages, you will also need the Twisted Web package, usually called python-twisted-web.
To command the proxy to open ports, a JSON snippet should be sent to the control port. The snippet should be a JSON dictionary, with the following required keys:
daddr: The destination hostname for the VNC backenddport: The destination port for the VNC backendpassword: A password for the VNC frontend conection
The following keys are optional:
sport: The preferred source port for the VNC frontendws: Whether the frontend should be wrapped for WebSocketstls: Whether the frontend should be wrapped with TLS for SSL/WSS
If the requsted sport is not available, one will be automatically
assigned.
If TLS is requested, the proxy will look for SSL key and certificate information from hardcoded locations. The locations for the SSL files are:
keys/vncap.key: SSL keykeys/vncap.crt: SSL certificate
To generate simple keys, an example series of OpenSSL invocations might be:
$ openssl genrsa -out keys/vncap.key 1024
$ openssl req -new -key keys/vncap.key -out keys/vncap.csr
$ openssl x509 -req -in keys/vncap.csr -signkey keys/vncap.key -out
keys/vncap.crt