User Tools

Site Tools


OS X : VNC from the command line

This article was originally published on October 27, 2008.

Since OS X 10.4 (Tiger), Apple has provided a remote desktop capability integrated into the operating system. However, unlike Windows (which uses a proprietary protocol called RDP), Apple chose to use the VNC protocol for their remote desktop server and client.

I wouldn’t recommend using Apple’s VNC server; it’s far more restrictive than alternatives. Vine server is much more robust and customizable, and it’s open-source.

However, if you find it necessary to use Apple’s built-in VNC for whatever reason, you may also find yourself needing to control the server from the command line (for instance, if the server application fails and you need to SSH into your remote Mac to restart the service).

I found out the hard way that the Perl script Apple uses to restart the server stores the VNC password in plaintext. This is wrong on a lot of levels, one being that it’s completely user-unfriendly. At any rate, after some Googling around, I found a Perl script that will encode the password with the necessary key. You can then input the encoded password in your VNC restart command.

The Perl script looks like this:

perl -nwe 'BEGIN { @k = unpack "C*", pack "H*", "1734516E8BA8C5E2FF1C39567390ADCA"}; 
chomp; s/^(.{8}).*/$1/; @p = unpack "C*", $_; foreach (@k) { printf "%02X", $_ ^ (shift @p || 0) }; print "n"'

Paste this at your bash prompt and hit enter. You can then type your password, hit enter again, and have the encoded password ready to go. Once you have your encoded password, you can use the kickstart command to restart the VNC server. Apple has some documentation on using kickstart here1).

Overall, Apple made a major blunder by not correctly encoding the password with the kickstart utility. Hopefully this will be remedied in a future release of OS X.