WinVNC + secure tunnel + user acknowledgement (win32) howto

Glenn Mabbutt gmabbutt "at"
Fri, 10 Nov 2000 17:26:40 +0000

OK, after much testing, I've finally gotten WinVNC to work properly with a
secure tunnel (using Zebedee), as well as enabling user acknowledgement
before.  For the benefit of others like myself who need _all_ of these
features, below is how I did it.  The remote machine I'm connecting to (and
therefore installing WinVNC as a service and Zebedee as a service on) is a
pentium 60 with 40 MB RAM and a 6.4 GB hard drive running Windows 95 (the
version with USB support).  I'm connecting to it using a Pentium III machine
running Windows NT 4 (service pack 6a).  I did this using WinVNC 3.3.3r7
(I'm using the version modified to allow disabling of wallpaper and font
smoothing, but the "vanilla" WinVNC available from should work as well).  For
the secure tunnel, I'm using Zebedee 2.0.1, available from

Now, on to the details...

-download Zebedee from the URL above.  Run the setup program included with
it on both the remote machine (here after, I'll call this the "server") and
the machine you will be connecting with (here after, I'll call this the
"client").  On the server, once you've run the basic setup, you have to
install Zebedee as a service.  Open a command prompt.  Go to the directory
where you installed Zebedee (usually c:\zebedee) and type "zebedee
-Sinstall=c:\zebedee\vncserver.zbd" (substitute appropriate path to zebedee
directory if applicable).

-download WinVNC from the URL above (the .zip version is fine).  Unzip the
downloaded file on both machines.  On the server machine, run the initial
installation and installation as a _SERVICE_ as per the official WinVNC
documentation available at
After installing it as a service and setting up the default password, you'll
need to add some Registry values.  So, fire up regedit and go to:
HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3.  Add the following keys and values:
AllowLoopback set to 1 (DWORD type);
AuthHosts set to "-:?" (string type);
QuerySetting set to 2 (DWORD type);
QueryTimeout set to whatever you feel comfortable with, example decimal 120
is 2 minutes (DWORD type);
Exit regedit.

-Reboot the server machine (safely).

-Once it's rebooted, ie, at the login screen, you should now be able to use
vncviewer to connect to the remote machine via a secure tunnel (and _only_
through a secure tunnel, and it will prompt the remote end to ACCEPT/DECLINE
the incoming connection - if you don't want it to prompt for a connections,
simply change AuthHosts to "-:+").

-To connect to the server machine, open a command prompt on your client
machine, "cd" to your zebedee directory.  At the command prompt, type
"zebedee -f c:\zebedee\vncviewer.zbd <ip_address_ of_remote_machine>".  This
assumes that the location of vncviewer.exe on your client machine is
c:\Program Files\ORL\VNC\vncviewer.exe.  If this is not where your vncviewer
is, you'll have to edit the vncviewer.zbd file, and change the path in the
line that begins with "command".

That's it!! (At least, that's what I had to do, it works for me!!)

Other, more complicated variants:

If you want to set certain variables every time you connect, like selecting
a certain encoding scheme or changing the style of mouse pointer, I've found
that the only way to do this in conjunction with Zebedee is to:
a) make a non-zebedee VNC connection with a target box (if you're using the
same remote machine you'll have to change its AuthHosts setting temporarily,
like take out the
b) when connected, click on the VNC logo in the top left corner (the System
Menu), select "Save configuration info as...", and name the file something,
save it into your Zebedee directory (it'll save as something.vnc.  Why the
Zebedee directory?  I don't know, but it works that way). Restore the
AuthHosts setting, and disconnect.
c) open the configuration file (something.vnc) in an editor; delete the
"host=" and "port=" lines; change the "preferred_encoding" setting to
whatever you want (ie, 0 is raw, 2 is RRE, 4 is CoRRE and 5 is Hextile, at
least in my tests); adjust other settings as needed, save the file;
d) edit the vncviewer.zbd file;  change the entry in the "command" line to
"command 'c:\Program Files\ORL\VNC\vncviewer.exe -config somefile.vnc' "
(without double quotes);save the file and exit;
e) Launch it from the zebedee directory using "zebedee -f
c:\zebedee\vncviewer.zbd <ip_address_of_remote_machine>"

Should work!!

Good luck!!

To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at"
See also: