noVNC acts as a browser gateway to VNC backends. Secure proxying and backend auth are mandatory in production.
Typical runtime command options:
./utils/novnc_proxy --listen 6081 --vnc 127.0.0.1:5901
Or with SSL/TLS:
./utils/novnc_proxy --listen 6081 --vnc 127.0.0.1:5901 \
--cert /path/to/cert.pem --key /path/to/key.pem
Recommended architecture:
noVNC connects to VNC servers via WebSocket. Configure:
| Parameter | Description | Example |
|---|---|---|
--listen |
Port for noVNC web server | 6081 |
--vnc |
VNC server host:port | localhost:5901 |
--cert |
SSL certificate path | /etc/ssl/cert.pem |
--key |
SSL key path | /etc/ssl/key.pem |
--web |
Path to noVNC web files | /usr/share/novnc |
wss:// (secure WebSocket) for all production connections.websockify is the WebSocket to TCP proxy bundled with noVNC:
# Basic usage
websockify 6081 localhost:5901
# With SSL
websockify --cert=/etc/ssl/cert.pem --key=/etc/ssl/key.pem 6081 localhost:5901
# Multiple targets
websockify --web=/usr/share/novnc 6081 --target-config=/etc/novnc/targets.conf
Back up:
Recovery test:
Feel free to contact us. Find all contact information on our contact page.