Provided by: weston_14.0.2-1build1_amd64 bug

NAME
       weston-vnc - the VNC backend for Weston


SYNOPSIS
       weston --backend=vnc


DESCRIPTION
       The  VNC  backend  allows  to  run a weston environment without the need of specific graphic hardware, or
       input devices. Users can interact with weston only by connecting using the  remote  framebuffer  protocol
       (RFB).

       The  VNC  backend uses Neat VNC to implement the VNC part, it acts as a VNC server listening for incoming
       connections. It supports different encodings for encoding the graphical content,  depending  on  what  is
       supported by the VNC client.

       The  VNC backend is not multi-seat aware, so if a second client connects to the backend, the first client
       will be disconnected.

       The VNC client has to authenticate as the user running weston. This requires  a  PAM  configuration  file
       /etc/pam.d/weston-remote-access.


CONFIGURATION
       The VNC backend uses the following entries from weston.ini.

   Section vnc
       refresh-rate=rate
              Specifies the desktop redraw rate in Hz. If unspecified, the default is 60Hz. Changing this may be
              useful  if you have a faster than 60Hz display, or if you want to reduce updates to reduce network
              traffic.

       tls-key=file
              The file containing the key for doing TLS security. To have TLS security you also need to  ship  a
              file containing a certificate.

       tls-cert=file
              The  file containing the certificate for doing TLS security. To have TLS security you also need to
              ship a key file.

   Section output
       name=vnc
              The name vnc is used to identify the VNC output.

       mode=widthxheight
              Specifies the (initial) size for the output.

       resizeable=boolean
              Specifies whether the VNC client is allowed to resize the output.


OPTIONS
       When the VNC backend is loaded, weston will understand the following additional command line options.

       --address=address
              The IP address on which the VNC backend will listen for VNC connections. By default it listens  on
              0.0.0.0.

       --width=width
              The width of the framebuffer. It defaults to 640.

       --height=height
              The height of the framebuffer. It defaults to 480.

       --port=port
              The TCP port to listen on for connections. It defaults to 5900.

       --vnc-tls-key=file
              The  file  containing the key for doing TLS security. To have TLS security you also need to ship a
              file containing a certificate.

       --vnc-tls-cert=file
              The file containing the certificate for doing TLS security. To have TLS security you also need  to
              ship a key file.

       --disable-transport-layer-security
              Disable   Transport  Layer  Security.  If  specified,  VNC  will  be  enabled  with  password-only
              authentication. This option is not recommended, as it creates security risk.


Generating cryptographic material for the VNC backend
       You can generate a key and certificate file to use with TLS security using typical openssl invocations:

       $ openssl genrsa -out tls.key 2048
       Generating RSA private key, 2048 bit long modulus
       [...]
       $ openssl req -new -key tls.key -out tls.csr
       [...]
       $ openssl x509 -req -days 365 -signkey tls.key -in tls.csr -out tls.crt
       [...]

       You will get the tls.key and tls.crt files to use with the VNC backend.


SEE ALSO
       weston(1)

Weston 14.0.2                                      2017-12-14                                      WESTON-RDP(7)