diff options
Diffstat (limited to 'x11vnc/help.c')
| -rw-r--r-- | x11vnc/help.c | 40 |
1 files changed, 22 insertions, 18 deletions
diff --git a/x11vnc/help.c b/x11vnc/help.c index da8ac5c..3aa8147 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c @@ -603,27 +603,32 @@ void print_help(int mode) { " send one before a 25 second timeout. Existing clients\n" " are view-only during this period.\n" "\n" +" If the first character received is \"Escape\" then the\n" +" unix username will not be displayed after \"login:\"\n" +" as it is typed. This could be of use for VNC viewers\n" +" that automatically type the username and password.\n" +"\n" " Since the detailed behavior of su(1) can vary from\n" " OS to OS and for local configurations, test the mode\n" -" carefully on your systems before using it in production.\n" -" Test different combinations of valid/invalid usernames\n" -" and valid/invalid passwords to see if it behaves as\n" -" expected. x11vnc will attempt to be conservative and\n" +" carefully. x11vnc will attempt to be conservative and\n" " reject a login if anything abnormal occurs.\n" "\n" -" On FreeBSD and the other BSD's by default it is\n" -" impossible for the user running x11vnc to validate\n" -" his *own* password via su(1) (evidently commenting out\n" +" One case to note: FreeBSD and the other BSD's by\n" +" default it is impossible for the user running x11vnc to\n" +" validate his *own* password via su(1) (commenting out\n" " the pam_self.so entry in /etc/pam.d/su eliminates this\n" -" problem). So the x11vnc login will always *fail* for\n" +" behavior). So the x11vnc login will always *FAIL* for\n" " this case (even when the correct password is supplied).\n" "\n" -" A possible workaround for this would be to start\n" -" x11vnc as root with the \"-users +nobody\" option to\n" -" immediately switch to user nobody. Another source of\n" -" problems are PAM modules that prompt for extra info,\n" -" e.g. password aging modules. These logins will fail\n" -" as well even when the correct password is supplied.\n" +" A possible workaround for this on *BSD would be to\n" +" start x11vnc as root with the \"-users +nobody\" option\n" +" to immediately switch to user nobody where the su'ing\n" +" will proceed normally.\n" +"\n" +" Another source of potential problems are PAM modules\n" +" that prompt for extra info, e.g. password aging modules.\n" +" These logins will fail as well even when the correct\n" +" password is supplied.\n" "\n" " **IMPORTANT**: to prevent the Unix password being sent\n" " in *clear text* over the network, one of two schemes\n" @@ -676,10 +681,6 @@ void print_help(int mode) { " (default port 5500). Please use a ssh or stunnel port\n" " redirection to the viewer machine to tunnel the reverse\n" " connection over an encrypted channel.\n" -#if 0 -" Note that in -ssl\n" -" mode reverse connection are disabled (see below). XXX\n" -#endif "\n" " In -inetd mode the Method 1) will be enforced (not\n" " Method 2). With -ssl in effect reverse connections\n" @@ -1707,6 +1708,9 @@ void print_help(int mode) { " commands, RFB_SSL_CLIENT_CERT will be set to the\n" " client's x509 certificate string.\n" "\n" +" The sslpeer= mode can aid finding X sessions via the\n" +" FINDDISPLAY and FINDCREATEDISPLAY mechanisms.\n" +"\n" " To immediately switch to a user *before* connections\n" " to the X display are made or any files opened use the\n" " \"=\" character: \"-users =bob\". That user needs to\n" |