Modern VNC Server and client, web based and secure
Go to file
Pierre Ossman c3279914c1 Fix link order of nettle and hogweed
Hogweed needs nettle, not the other way around. So make sure they
are specified in the correct order for the static link to succeed.
2020-09-21 12:58:11 +03:00
builder Update install.sh 2020-09-20 09:04:35 -04:00
cmake Fix link order of nettle and hogweed 2020-09-21 12:58:11 +03:00
common Handle pixel formats with odd shift values 2020-09-21 12:56:53 +03:00
contrib Initial commit 2020-09-20 12:16:44 +00:00
doc Initial commit 2020-09-20 12:16:44 +00:00
kasmweb Initial commit 2020-09-20 12:16:44 +00:00
release Initial commit 2020-09-20 12:16:44 +00:00
tests Initial commit 2020-09-20 12:16:44 +00:00
unix Initial commit 2020-09-20 12:16:44 +00:00
win Use size_t for lengths in stream objects 2020-09-21 12:55:59 +03:00
.gitignore Add .gitignore 2020-09-21 12:33:19 +03:00
bitbucket-pipelines.yml Initial commit 2020-09-20 12:16:44 +00:00
BUILDING.txt Initial commit 2020-09-20 12:16:44 +00:00
CMakeLists.txt Initial commit 2020-09-20 12:16:44 +00:00
config.h.in Initial commit 2020-09-20 12:16:44 +00:00
LICENCE.TXT Initial commit 2020-09-20 12:16:44 +00:00
LICENSE Initial commit 2020-09-13 12:50:42 -04:00
README.md Update README.md 2020-09-20 09:11:28 -04:00

KasmVNC - Linux Web Remote Desktop

Kasm Technologies

Kasm Technologies LLC developed Kasm Server, a Containerized Desktop Infrastructure (CDI) solution. Kasm started with TigerVNC and eventually forked it to create KasmVNC. KasmVNC is used within the overal Kasm CDI infrastructure, however, you can use KasmVNC for individual servers. KasmVNC has different goals than TigerVNC:

  • Web-based - KasmVNC is designed to provide a web accessible remote desktop. It comes with a web server and websocket server built in. There is no need to install other components. Simply run and navigate to your desktop's URL on the port you specify. While you can still tun on the legacy VNC port, it is disabled by default.
  • Security - KasmVNC defaults to HTTPS and allows for HTTP Basic Auth. VNC Password authentication is limited by specification to 8 characters and is not suffecient for use on an internet accessible remote desktop. Our goal is to create a by default secure, web based experience.
  • Simplicity - KasmVNC aims at being simple to deploy and configure.

New Features!

  • Webp image compression for better bandwidth usage
  • Automatic mixing of webp and jpeg based on CPU availability on server
  • Multi-threaded image encoding for smoother frame rate for servers with more cores
  • Full screen video detection, goes into configurable video mode for better full screen videoo playback performance.
  • Dynamic jpeg/webp image coompression quality settings based on screen change rates
  • Seemless clipboard support
  • Allow client to set/change most configuration settings
  • Data Loss Prevention features
    • Key stroke logging
    • Clipboard logging
    • Max clipboard transfer size up and down
    • Min time between clipboard operations required
    • Keyboard input rate limit

Future Goals:

  • Support uploads and downloads
  • Json configuration file
  • Pre-build Packages for all major Linux distributions
  • CI pipelines to create releases

Installation

We are currently developing releasable packages for major operating sytems. The install script available with releases will install dependencies, compile webp, and pull down and install the pre-compiled KasmVNC tarball. Currently, only Ubuntu 18.04 LTS is pre-compiled.

This installer assumes you already have a desktop environment installed, but have never configured a VNC server. Use the install script found in this project under builder/install/install.sh, currently Ubuntu 18.04LTS is the only operating system with pre-compiled binaries.

# use install script from builder/install/install.sh
sudo ./install.sh

# change owner of pre-installed cert to your user
sudo chown $USER /usr/local/share/kasmvnc/certs/self.pem

# create required files
touch ~/.Xresources
# start kasmvnc to generate the required files and then kill it
# it will prompt to set the vnc password
vncserver :1 -interface 0.0.0.0
vncserver -kill :1

# overwrite the VNC password to nothing. KasmVNC uses HTTPS basic authentication
echo '' | vncpasswd -f > $HOME/.vnc/passwd

# modify vncstartup to launch your environment of choice, in this example LXDE
echo '/usr/bin/lxsession -s LXDE &' >> ~/.vnc/xstartup

# launch KasmVNC
vncserver $DISPLAY -depth 24 -geometry 1280x1050 -basicAuth kasm_user:password -websocketPort 8443 -cert /usr/local/share/kasmvnc/certs/self.pem -sslOnly -FrameRate=24 -interface 0.0.0.0

The options for vncserver in the example above:

Argument Description
depth Color depth, for jpeg/webp should be 24bit
geometry Screensize, this will automatically be adjusted when the client connects.
basicAuth Username and password seperated by a semi-colon.
websocketPort The port to use for the web socket. Use a high port to avoid having to run as root.
cert SSL cert to use for HTTPS
sslOnly Disable HTTP
interface Which interface to bind the web server to.

Development

Would you like to contribute to KasmVNC? Please reachout to us at info@kasmweb.com

We need help, especially in packaging KasmVNC for various operating systems. We would love to have standard debian or RMP packages and host our own repo, however, that all requires a lot of experience, proper testing, and pipeline development for automated builds.

We also need help with Windows, which is not currently supported. While KasmVNC can technically be built for Windows 10, it is unusably slow, due to all the changes that occured in Windows since the original Windows support was added in the chain of VNC forked projects.

Compiling From Source

See the builder/README.md. We containerize our build systems to ensure highly repeatable builds.

Incomplete and generally out of date copyright list::

    Copyright (C) 2020 Kasm Technologies LLC
    Copyright (C) 1999 AT&T Laboratories Cambridge
    Copyright (C) 2002-2005 RealVNC Ltd.
    Copyright (C) 2000-2006 TightVNC Group
    Copyright (C) 2005-2006 Martin Koegler
    Copyright (C) 2005-2006 Sun Microsystems, Inc.
    Copyright (C) 2006 OCCAM Financial Technology
    Copyright (C) 2000-2008 Constantin Kaplinsky
    Copyright (C) 2004-2017 Peter Astrand for Cendio AB
    Copyright (C) 2010 Antoine Martin
    Copyright (C) 2010 m-privacy GmbH
    Copyright (C) 2009-2011 D. R. Commander
    Copyright (C) 2009-2011 Pierre Ossman for Cendio AB
    Copyright (C) 2004, 2009-2011 Red Hat, Inc.
    Copyright (C) 2009-2018 TigerVNC Team
    All Rights Reserved.

This software is distributed under the GNU General Public Licence as published by the Free Software Foundation. See the file LICENCE.TXT for the conditions under which this software is made available. KasmVNC also contains code from other sources. See the Acknowledgements section below, and the individual source files, for details of the conditions under which they are made available.

Acknoledgements

This distribution contains zlib compression software. This is:

Copyright (C) 1995-2002 Jean-loup Gailly and Mark Adler

This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software.

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:

  1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.
  2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
  3. This notice may not be removed or altered from any source distribution.

Jean-loup Gailly Mark Adler jloup@gzip.org madler@alumni.caltech.edu

The data format used by the zlib library is described by RFCs (Request for Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).

This distribution contains public domain DES software by Richard Outerbridge. This is:

Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge. (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.

This distribution contains software from the X Window System. This is:

Copyright 1987, 1988, 1998 The Open Group

Permission to use, copy, modify, distribute, and sell this software and its documentation for any purpose is hereby granted without fee, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation.

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Except as contained in this notice, the name of The Open Group shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization from The Open Group.

Copyright 1987, 1988 by Digital Equipment Corporation, Maynard, Massachusetts. All Rights Reserved

Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of Digital not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission.

DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.