Home About Blog Media Free Courses Workshops

Using VNC to phone home

January 6, 2022

NoVNC

Phoning Home

I like to have easy access to my home infrastructure from anywhere. Apache Guacamole was my goto since it was deployed to BayCyber. While it did the job of providing access to a GUI in the browser, it's been troublesome with constant connection issues. As always, we looked for a new answer and found it in noVNC. This blog is for deploying VNC for a local instance.

Preparing

Within my home infrastructure, I will make a decently sized VM who will be the VNC host, granting me access to my home network.

Local VM The first step is always to ensure it is up to date:

sudo apt update && sudo apt full-upgrade -y

Step 1: Local VM Install

This VM will be the host I connect to when phoning home. I will install tools that I'll need:

sudo apt install firefox xfce4 tigervnc-standalone-server novnc websockify -y

VNC

Let's start the VNC server by first making a file in ~/.vnc/xstartup that will tell VNC what desktop to launch. If the .vnc folder does not exist in your home directory, simply make it with "mkdir .vnc".

VNC startup file

Next, make the new file executable:

chmod u+x ~/.vnc/xstartup

We can now run the VNC server and sure it is responding properly:

VNC server

You can confirm it is running by using any VNC client, connecting to the local VM's IP address on port 5900.

VNC GUI visible

Windows VMs

Windows VMs can also be used for this project. You will need to install UltraVNC to Windows to act as the vnc server. Also download and unzip the noVNC and Websockify releases.

Downloading and unzipping the contents

Step 1: Unzipping the contents of the files.

UltraVNC options

Step 2: Open Admin Properites from the taskbar icon

UltraVNC password

Step 3: Don't forget to set a password!

CMD

Step 4: Open CMD with admin privileges

Step 2: Accessing over the browser

Next, we will run websockify to allow our GUI to be accessible on the browser:

Websockify configuration

You should now be able to get to the VNC GUI from a browser by going to the IP address and port 5901. Click on "vnc.html" and you will see the noVNC GUI.

VNC GUI through the browser

Step 3: VPN-ing Home

Tailscale is a split tunnel VPN that allows me to connect back home without much effort.

Tailscale picture

I used my GitHub account to log in:

Sign up

Install the agent for the client (you will need to install two minumum, one for the VM and one on your desktop/laptop)

Installing the VPN agent

Once you have at least two agents installed, you can access your VM remotely from the IP address given by Tailscale at port 5901 with no issues!

References

noVNC and Websockify