Comments (4)
Hi,
the original purpose of this image is that it will be used only for short term actions. In our case to execute E2E tests in real browser. Because of that, the image is designed more or less stateless. If you wan't to used like a VM with states and userpassword and so you can extend the base image by your own like described here: https://github.com/ConSol/docker-headless-vnc-container#1-extend-a-image-with-your-own-software
If you want e.g. use the user id 1000
you can do:
## Custom Dockerfile
FROM consol/centos-xfce-vnc:1.1.0
USER 1000
### do your stuff
In our case we use the "nss_wrapper" library to fill passwd at runtime. Which is recommended by Redhat https://docs.openshift.com/enterprise/3.1/creating_images/guidelines.html#openshift-enterprise-specific-guidelines.
One thing you have to know, that we currently don't launch an DBus, so I'm not sure if the keyring than works.
The Linux users itself don't have any password, to the only password we set is the VNC password. The current implementation needs to set a password as environment var VNC_PW
. Do you really wan't to be able to set no VNC password, and everybody how listen to your VNC port can access your data? I could change the startup script, that it allows a empty VNC password, but I'm not sure if this is needed and reasonable. For noVNC connection you can provide the password as parameter and ensure, that you don't have to login, e.g.:
http://localhost:6911/vnc_auto.html?password=vncpassword
from docker-headless-vnc-container.
Hi there,
thank you so much for your reply. I will be parsing through the material you have provided this weekend. I am a bit confused by your last paragraph. Perhaps explaining my setup a bit more will help clarify.
- I manage access to virtual environments through an SSH-tunnel on the desktop that is generated by a Java program I wrote. This tunnel must be setup for anyone to be able to reach the no vnc / vnc ports. Thus, no one is going to be snooping on the vnc port because no one can see it or connect to it without already being authenticated via standard Linux SSH mechanisms.
- I do, as you mention, auto-fill in the URL with the VNC password, so connecting is as simple as clicking "connect." I appreciate that the VNC password is there, because I auto-randomize it as a way of preventing clients from accidentally stepping into each other's sessions.
- I provide convenience facilities to my users that cache certain Chrome passwords. Originally, it was alright to have these Chrome passwords accessible to everyone. But as work has been subcontracted, the users have a need to hide the Chrome passwords from others so they do not use these passwords outside of the virtual environment.
I have a couple of alternatives that I am exploring with regard to Gnome-Keyring alternatives: - Firefox with a master password. As you are aware, the latest version of Firefox suffered from poor performance and graphical distortion that rendered it unusable in the Ubuntu version of this image. In the Centos version, I have gotten it to work alright, but my last experience did not inspire confidence and Firefox doesn't accept all the plugins my users need.
- https://github.com/dannyvankooten/browserpass
I am in the process of installing this. Unfortunately, it already appears that in a password-less environment, the password can be retrieved by simply typing "pass" + the name of the website in a terminal. If there were a password associated with the docker image, I could lock access down accordingly.
In any case, as I mentioned, I haven't had a chance to review what you've provided. I will do so and provide my experience and feedback. I greatly appreciate the work you've done on this image.
from docker-headless-vnc-container.
Hi, thx for your detailed explanation. Hope you will get this working.
To your 5th point: Maybe you can use for that a keepass file in connection with keepass http plugin. Therefore you can unlock the keepassfile on startup and provide it with auto-fill-in over the keepass browser plugins. I think this won't be some easy task, but I just wanted to mention it 😄
from docker-headless-vnc-container.
@IridiumMaster can I close the Issue? Maybe you can post here your solution?
from docker-headless-vnc-container.
Related Issues (20)
- Local Network Service Access
- How to use "chromium-browser" command in a docker-compose.yml file
- Add Ubuntu OS HOT 1
- VNC not working only noVNC does HOT 6
- Empty blue screen when access from remote host HOT 1
- ARM (Mac M1) support HOT 1
- ubuntu22.04 HOT 3
- user 1000 is not exist HOT 2
- no en_US.UTF-8 HOT 1
- Cannot switch to root user vua GUI command line HOT 2
- VNC timeouts with disconnected
- consol/debian-xfce-vnc cannnot to open the portable chromium in terminal HOT 3
- try to build it with VNC_PASSWORDLESS=true as env in the dockerfile HOT 6
- Can integrate the Wine environment in this environment so that I can integrate Windows software HOT 1
- How to enable remote and local computer copy and paste when using HTML5 VNC.
- no graphical interface when login HOT 1
- Building on Windows Docker HOT 2
- latest docker image on dockerhub is not compatible with arm64 architecture HOT 2
- Add note that accessing root user instance uses http://localhost:6911/vnc.html - i.e. port 6911 rather than 6901
- Hello world
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-headless-vnc-container.