问题
I have a Red Hat server running tiger-vncserver. This is a hardened system and security doesn't like having so many ports open for VNC users so currently we have 15 (5901-5915). We are getting more users onboarded and anticipate more users after, not sure how many though.
Is there a way to make every user have a stateful VNC connection available but share ports? From security's perspective, we would only use like port 5900 or something.
If it matters, I am using Apache Guacamole in lieu of a VNC Viewer client due to our configuration requirements.
回答1:
The issue with VNC and multiple users is missing connection manager for VNC that could be able to handle user authentication and start a separate VNC server for each user.
We had similar issues with Guacamole and remote VNC session and it was possible to handle this with several scripts that we had to integrate into our solution. However, the script had to grow over time and needed to include more and more logic for all specific situations that might happen.
In the end, it turns out that installing XRDP server on a remote Linux is a much easier and quite consistent solution. It opens only one port, 3389 can manage connections and user and Guacamole work well with it, just you have to use RDP protocol.
来源:https://stackoverflow.com/questions/57574356/is-it-possible-to-have-multiple-vncserver-users-on-the-same-port