[Feature request] Please make network bindings configurable #43
Labels
feature-request
New feature or request
Comments
|
IIRC, the server binds to 0.0.0.0 per default, so you should already have a binding to localhost. |
|
Sorry, you are right! Localhost just did not show up in the list of network bindings after starting the VNC server, but connecting with a vnc client to localhost actually works! ;-) |
bk138
changed the title
|
What if I want it fo bind to localhost only? |
|
Hi, just putting my two pence in, it would be great if I could bind to a VPN IP like Tailscale and not expose to any old LAN my device connects to. |
|
Seconding this feature for the same reason as @olivluca . I like to bind all services to localhost and then use ssh port forwarding for security. I'll add this feature if I can't find another app that does this. |
elluisian
added a commit
to elluisian/droidVNC-NG-translation-binding
that referenced
this issue
Aug 21, 2024
When applied, this commit tries to implement the feature requests reported on issue bk138#43 and bk138#227. Basically, with this commit, it is possible to instruct the server to listen only on a certain address. To do this, there is a further edittext "Listening Address", which can be configured. Please note that if an invalid ip/address is set, by default, it is assumed 0.0.0.0 is requested
elluisian
added a commit
to elluisian/droidVNC-NG-translation-binding
that referenced
this issue
Aug 21, 2024
When applied, this commit tries to implement the feature requests reported on the issues bk138#43 and bk138#227. Basically, with this, it is now possible to make the server listen only on certain addresses. This increases security and allows the typical "SSH usage", that is, SSH + publickey auth + local port forwarding + VNC listening on localhost only. To achieve this: - on droidvnc-ng.c, vncServerStart was modified in order to provide a further "jstring listenIf" parameter. It uses rfbScreenInfo*'s listenInterface property. - A TableRow was added in order to allow users to input the desired address to use ("Listening Address"). - On droidvnc-ng.c, the method vncServerGetListenInterface was introduced in order to track if the server is currenctly set to listen to 0.0.0.0 or not (this is used to properly show what addresses are available to use on the UI). Please note that, if an invalid address/host is set, by default, it is assumed the address 0.0.0.0 is requested.
elluisian
added a commit
to elluisian/droidVNC-NG-translation-binding
that referenced
this issue
Aug 30, 2024
When applied, this commit tries to implement the feature requests reported on the issues bk138#43 and bk138#227. Basically, with this, it is now possible to make the server listen only on certain addresses. This increases security and allows the typical "SSH usage", that is, SSH + publickey auth + local port forwarding + VNC listening on localhost only. To achieve this: - on droidvnc-ng.c, vncServerStart was modified in order to provide a further "jstring listenIf" parameter. It uses rfbScreenInfo*'s listenInterface property. - A TableRow was added in order to allow users to input the desired address to use ("Listening Address"). - On droidvnc-ng.c, the method vncServerGetListenInterface was introduced in order to track if the server is currenctly set to listen to 0.0.0.0 or not (this is used to properly show what addresses are available to use on the UI). Please note that, if an invalid address/host is set, by default, it is assumed the address 0.0.0.0 is requested.
elluisian
added a commit
to elluisian/droidVNC-NG-translation-binding
that referenced
this issue
Sep 1, 2024
When applied, this commit tries to implement the feature requests reported on the issues bk138#43 and bk138#227. Basically, with this, it is now possible to make the server listen only on certain addresses. This increases security and allows the typical "SSH usage", that is, SSH + publickey auth + local port forwarding + VNC listening on localhost only. To achieve this: - on droidvnc-ng.c, vncServerStart was modified in order to provide a further "jstring listenIf" parameter. It uses rfbScreenInfo*'s listenInterface property. - A TableRow was added in order to allow users to input the desired address to use ("Listening Address"). - On droidvnc-ng.c, the method vncServerGetListenInterface was introduced in order to track if the server is currenctly set to listen to 0.0.0.0 or not (this is used to properly show what addresses are available to use on the UI). Please note that, if an invalid address/host is set, by default, it is assumed the address 0.0.0.0 is requested.
elluisian
added a commit
to elluisian/droidVNC-NG-translation-binding
that referenced
this issue
Sep 1, 2024
When applied, this commit tries to implement the feature requests reported on the issues bk138#43 and bk138#227. Basically, with this, it is now possible to make the server listen only on certain addresses. This increases security and allows the typical "SSH usage", that is, SSH + publickey auth + local port forwarding + VNC listening on localhost only. To achieve this: - on droidvnc-ng.c, vncServerStart was modified in order to provide a further "jstring listenIf" parameter. It uses rfbScreenInfo*'s listenInterface property. - A TableRow was added in order to allow users to input the desired address to use ("Listening Address"). - On droidvnc-ng.c, the method vncServerGetListenInterface was introduced in order to track if the server is currenctly set to listen to 0.0.0.0 or not (this is used to properly show what addresses are available to use on the UI). Please note that, if an invalid address/host is set, by default, it is assumed the address 0.0.0.0 is requested.
elluisian
added a commit
to elluisian/droidVNC-NG-translation-binding
that referenced
this issue
Sep 1, 2024
When applied, this commit tries to implement the feature requests reported on the issues bk138#43 and bk138#227. Basically, with this, it is now possible to make the server listen only on certain addresses. This increases security and allows the typical "SSH usage", that is, SSH + publickey auth + local port forwarding + VNC listening on localhost only. To achieve this: - on droidvnc-ng.c, vncServerStart was modified in order to provide a further "jstring listenIf" parameter. It uses rfbScreenInfo*'s listenInterface property. - A TableRow was added in order to allow users to input the desired address to use ("Listening Address"). - On droidvnc-ng.c, the method vncServerGetListenInterface was introduced in order to track if the server is currenctly set to listen to 0.0.0.0 or not (this is used to properly show what addresses are available to use on the UI). Please note that, if an invalid address/host is set, by default, it is assumed the address 0.0.0.0 is requested.
elluisian
added a commit
to elluisian/droidVNC-NG-translation-binding
that referenced
this issue
Sep 30, 2024
When applied, this commit tries to implement the feature requests reported on the issues bk138#43 and bk138#227. Basically, with this, it is now possible to make the server listen only on certain addresses. This increases security and allows the typical "SSH usage", that is, SSH + publickey auth + local port forwarding + VNC listening on localhost only. To achieve this: - on droidvnc-ng.c, vncServerStart was modified in order to provide a further "jstring listenIf" parameter. It uses rfbScreenInfo*'s listenInterface property. - A TableRow was added in order to allow users to input the desired address to use ("Listening Address"). - On droidvnc-ng.c, the method vncServerGetListenInterface was introduced in order to track if the server is currenctly set to listen to 0.0.0.0 or not (this is used to properly show what addresses are available to use on the UI). Please note that, if an invalid address/host is set, by default, it is assumed the address 0.0.0.0 is requested.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Please consider making the network bindings of the VNC service configurable, so that one can prevent it from being exposed in potentially untrusted networks. Maybe this could be realized by a checkable list of the current networks/IP addresses (including localhost, for instance if one wants to employ some tunneling technology for making the service externally accessible).
Thanks in advance! ;-)
The text was updated successfully, but these errors were encountered: