Provided by: tigervnc-standalone-server_1.7.0+dfsg-8ubuntu2_amd64 bug

NAME

       vnc.conf - configuration file for Virtual Network Computing

SYNOPSIS

       $variable = "someValue";

       $variable = "someValue";

       $variable .= "someValue";

       $variable = $var1 . $var2;

DESCRIPTION

       /etc/vnc.conf is the site wide configuration file for tigervncserver(1), the free X server
       for Virtual Network Computing (VNC). It can be used to change the behavior of  the  server
       at startup time, although for all values suitable defaults are preset.

       vnc.conf  will  be  parsed  by  tigervncserver.  Then tigervncserver will proceed and read
       $HOME/.vnc/vnc.conf, a file that can be changed on a per-user base. It has the some syntax
       and options as the file described in this document.

EXAMPLES

       The  site  wide  configuration  file  /etc/vnc.conf  should  come  with the Debian package
       tigervnc-standalone-server.   This  file  serves  as  an  example  for   the   user   file
       $HOME/.vnc/vnc.conf.   The  site  wide  configuration file is pretty self-descriptive, and
       this document will mainly repeat the information that already can be found there.

OVERVIEW

       The file is in perl(1) syntax, although only  variable  assignment  is  allowed  for  your
       safety  and  convenience.  But  there  still  a variety of possibilities to set the string
       variables.

       All variable names are prefixed by `$'. You can assign a string to a  variable  using  the
       `='  operator,  and you can append a string to a variable using the `.=' operator. You can
       concatenate two strings using the `.'  operator. You can substitute variables even  inside
       quotes. You can access the environment variables using the notation $ENV{VARIABLE}.

       You  can  unset  a  variable by assigning undef to it. Use this to return the state of the
       variable from `set' to `use default'.

       You must end a line with a semicolon.

OPTIONS

       The options are given with their default value if this is known.

       $vncClasses = "/var/www/vnc";
              Should be the path to the java classes of the server.

       $baseHttpPort = undef;
              This is the port base for the mini-HTTP server that is  built-in  to  Xtigervnc(1).
              The real http port will be derived from this base plus the display number.

       $XFConfigPath = "/etc/X11/xorg.conf";
              Can be set to the global xorg.conf file. This will be parsed to gain default values
              for $fontPath.  If you want to disable this feature, point it to an  invalid  file,
              /invalid for example.

       $fontPath
              Should  be  a  comma  separated  list of fonts to be added to the font path. If not
              specified, and $XFConfigPath is valid, tigervncserver will read the $fontPath  from
              there. If both are not set, the default will apply.

       $PAMService = "tigervnc";
              This  parameter specifies the PAM service used for plain password authentication if
              one  of  the  security  types   Plain,  TLSPlain,  or  X509Plain   is   used.    If
              /etc/pam.d/vnc  is  not present, then tigervncserver(1) expects to use the tigervnc
              PAM service to authenticate the passwords of users when any of the *Plain  security
              types  are  used.   Note  that the tigervnc-common package provides the PAM service
              configuration file /etc/pam.d/tigervnc.  Otherwise, if /etc/pam.d/vnc  is  present,
              then the vnc PAM service will be used.

       $sslAutoGenCertCommand = "openssl req
                      -newkey ec:/etc/tigervnc/ecparams.pem
                      -x509 -days 2190 -nodes";
              The  command  specified  by  the  $sslAutoGenCertCommand  parameter is used to auto
              generate the certificate for the -X509Cert and -X509Key  options  of  Xtigervnc(1).
              The configuration for openssl(1SSL) is taken from /etc/tigervnc/ssleay.cnf where we
              substitute @HostName@ by the fully qualified domain name of the host.

       $vncUserDir = "$ENV{HOME}/.vnc";
              Contains the filename for the log files directory of Xtigervnc (the server) and the
              viewers that are connected to it.

       $vncPasswdFile = $vncUserDir . "/passwd";
              Contains  the  filename  of the password file for Xtigervnc. This file is only used
              for the security types VncAuth, TLSVnc, and X509Vnc.

       $vncStartup = "/etc/X11/XSession";
              Points to a script that will be started at the  very  beginning  of  the  Xtigervnc
              session.

       $xauthorityFile = "$ENV{HOME}/.Xauthority";
              Specifies  the  path  to the X authority file that should be used by your Xtigervnc
              server.

       $desktopName = "${HOSTFQDN}:nn ($ENV{LOGNAME})";
              Should be set to the default name of the desktop.   This  can  be  changed  at  the
              command line with -name.

       $wmDecoration = "8x64";
              Sets  the  adjustment of $geometry to accommodate the window decoration used by the
              X11 window manager. This is used to fully display the VNC desktop even if  the  VNC
              viewer is not in full screen mode.

       $geometry = "1900x1200";
              This  sets the framebuffer width & height. A default for this option as well as the
              $depth and $pixelformat options can be derived if the tigervncserver(1) is run in a
              X session – either $ENV{DISPLAY} or the session given by $getDefaultFrom – with the
              -xdisplaydefaults option. The geometry can also be changed at the commandline  with
              the  -geometry  option.  Otherwise, the fixed defaults given here as well as in the
              following two configuration parameter documentations will be used.

       $depth = "32";
              This sets the framebuffer color depth, i.e., the number of bits per pixel  to  use.
              It must be either 32, 24, 16, or 8.

       $pixelformat = "rgb888";
              Specifies  the  pixel format for the Xtigervnc(1) server to use (BGRnnn or RGBnnn).
              The default for depth 8 is BGR233 (meaning the most significant two bits  represent
              blue,  the  next  three  green, and the least significant three represent red), the
              default for depth 16 is RGB565 and for depth 24 and 32 is RGB888.

       $getDefaultFrom
              This option lets you set the display from which you can query the  default  of  the
              above  three  options,  if  you  don't  want  to start tigervncserver from within a
              running X server. It will be added to the call of xdpyinfo.  It is  useful  to  get
              the  default from the X server you will run xvncviewer in, because the data has not
              to be recalculated then.

              $getDefaultFrom = "-display localhost:0"; is an example how to do this.

       $rfbwait = "30000";
              Sets the maximum time in msec to wait for the VNC client viewer.

       $localhost = "yes";
              Should  the  TigerVNC  server  only  listen  on  localhost  for  incoming  TigerVNC
              connections.  This  is  useful  if you use SSH and want to stop non-SSH connections
              from any other hosts. Hence, $localhost = "yes" is the default  if  security  types
              are  not  specified.  In this case, only the security type VncAuth will be offered.
              If the security types are specified, either via the option -SecurityTypes given  to
              tigervncserver(1)   or   via   the   $SecurityTypes   configuration   parameter  in
              /etc/vnc.conf or in $HOME/.vnc/vnc.conf, then the default depends on the  specified
              security  types.   The  default will be $localhost = "no" if the specified security
              types contain at least one of the  TLS* or X509* secutity types  and  also  contain
              none  of  the  *None security types.  As always, the defaults can be overwritten on
              the commandline via the -localhost  option  or  via  the  $localhost  configuration
              parameter in /etc/vnc.conf or in $HOME/.vnc/vnc.conf.

       $SecurityTypes = "VncAuth"
              The  $SecurityTypes  parameter  contains  a  comma  separated  list  of the default
              security types the Xtigervnc server will offer.  Available security types are None,
              VncAuth,  Plain,  TLSNone,  TLSVnc, TLSPlain, X509None, X509Vnc and X509Plain.  The
              *None security types do not offer any kind of user  authentication  for  connecting
              VNC  sessions.   Hence, combining a  *None security type and $localhost = "no" is a
              very bad idea.  The  TLS* and X509* security types do enforce  SSL  encryption  for
              data   transmission.   Hence,  combining  a   TLS*  or   X509*  security  type  and
              $localhost = "yes" is a senseless idea.  Thus, in the  case  of  $localhost = "no",
              the default for $SecurityTypes will be extended from  VncAuth to VncAuth,TLSVnc.

       $PlainUsers = "$ENV{LOGNAME}"
              The  $PlainUsers  configuration  parameter contains a comma separated list of users
              that are authorized to access the VNC server if the security types Plain, TLSPlain,
              or X509Plain are used to establish the connection. The password for these users are
              check by the system via the  PAM  service  specified  via  $PAMService  option.  On
              default,  only  the  user  starting the tigervncserver is contained in the list. By
              specifying *, any user can authenticate using this security type.

       $X509Cert and $X509Key
              These two options contain the filenames for a certificate and its key that is  used
              for the security types X509None, X509Vnc, and X509Plain.  If nothing is specified –
              the  default  case  –  then  a  self-signed  certificate   is   auto-generated   by
              tigervncserver(1)    and    stored    in   $HOME/.vnc/${HOSTFQDN}-SrvCert.pem   and
              $HOME/.vnc/${HOSTFQDN}-SrvKey.pem,  respectively.   If  filenames  are  given   for
              $X509Cert and $X509Key either here or on the commandline via -X509Cert and -X509Key
              options, then the auto generation is disabled and the user has to  take  care  that
              usable certificates are present.

FILES

       /usr/bin/tigervncserver
              A wrapper script around Xtigervnc to start the server with appropriate defaults.

       /usr/bin/tigervncpasswd
              Command  to create and change password files to be used by the RFB protocol (can be
              specified in the $vncPasswdFile variable).   /usr/bin/Xtigervnc  The  real  server.
              Will be invoked by tigervncserver.

SEE ALSO

       Xtigervnc(1),       tigervncserver(1),       x0tigervncserver(1),       tigervncpasswd(1),
       xtigervncviewer(1).

AUTHOR

       2016 - Modified for TigerVNC 1.7 by Joachim Falk (Joachim.falk@gmx.de) 2006 - Modified for
       vnc  4.1.2  by  Joachim  Falk  (Joachim.falk@gmx.de)  1998  - Originally written by Marcus
       Brinkmann (Marcus.Brinkmann@ruhr-uni-bochum.de) for the Debian GNU/Linux Distribution.