Score:1

Help - VNC Server - Ubuntu focal 20.04 AWS S3

cn flag

I'm coming to you because I have a problem with TightVNC installed on Ubuntu (under AWS S3). From one day to the next, I can no longer log in and display my virtual machine. The connection can't be established.

My version of Ubuntu:

    lsb_release -a
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description:    Ubuntu 20.04.2 LTS
    Release:        20.04
    Codename:       focal

My version of Tightvncserver:

    sudo apt-cache show tightvncserver
    Package: tightvncserver
    Architecture: amd64
    Version: 1.3.10-0ubuntu5
    Priority: optional
    Section: universe/x11
    Source: tightvnc
    Origin: Ubuntu
    Maintainer: Ubuntu Developers <[email protected]>
    Original-Maintainer: Ola Lundqvist <[email protected]>
    Bugs: https://bugs.launchpad.net/ubuntu/+filebug
    Installed-Size: 1847
    Provides: vnc-server, xserver
    Depends: libc6 (>= 2.15), libjpeg8 (>= 8c), libx11-6, zlib1g (>= 1:1.1.4), perl:any, x11-common | xserver-common, x11-utils, xauth
    Recommends: xfonts-base, x11-xserver-utils
    Suggests: tightvnc-java
    Filename: pool/universe/t/tightvnc/tightvncserver_1.3.10-0ubuntu5_amd64.deb
    Size: 662900
    MD5sum: 3af0020f4758752adf36718d190e6943
    SHA1: 08d788330270d20ff8b13f9e9dde8066e71cdb2a
    SHA256: d702f1e30e88f619a2eac9f2de7ade59d5954e346fa865f6cc499330f4376b7a
    Homepage: http://www.tightvnc.com

However, the launch is done well:

    vncserver

    New 'X' desktop is ip-***-**-**-**:1

    Starting applications specified in /home/ubuntu/.vnc/xstartup
    Log file is /home/ubuntu/.vnc/ip-***-**-**-**:1.log

I don't have much knowledge of Ubuntu and in fact I don't even know how to identify the problem.

Could you please help me?

This is very important for my work and I am completely lost.

Thank you very much in advance.

in flag
Have you confirmed that the port is not being blocked by the security policy? If your policy has IP-specific port filtering and your IP has recently changed, then you will not be able to connect. If the service is running but not accepting connections, there may be something in the `/var/log` directory that will point to a reason why you cannot connect.
cn flag
I found this in `/home/ubuntu/.vnc/ip-***-**-**-**:1.log`:

    15/06/21 12:10:53 Got connection from client ***.**.***.***
    15/06/21 12:10:53 (other clients ***.***.***.**)
    15/06/21 12:10:53 Using protocol version 3.3
    15/06/21 12:10:53 Too many authentication failures - client rejected
    15/06/21 12:10:53 Client ***.***.***.*** gone
    15/06/21 12:10:53 Statistics:
    15/06/21 12:10:53 framebuffer updates 0, rectangles 0, bytes 0

Does it help?
Score:1
in flag

The `Too many authentication failures - client rejected` message reveals a couple of things:

  1. TightVNC is using standard ports
  2. Your security policy on Amazon is inadequate
  3. Automated processes found your EC2 instance and it responded to various requests, eventually triggering the VNC server’s security policy

You will want to do a few things:

  1. Change the port that is used by the VNC server to something outside of standard, such as 74656
  2. Use the security policies on Amazon to limit traffic to known IP addresses or, barring that, specific countries
  3. Consider slowing down brute force attempts by either using Fail2Ban or updating your iptables to something like:
    sudo iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
    sudo iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 90 --hitcount 3 -j DROP
    
    This will block an IP after three failed attempts in 30 seconds. Be sure to change the dport and i values to the proper port and network interface for your EC2 instance.

With a little more security in place, your VNC server can be a reliable tool.

cn flag
Thank you very much for your detailed feedback. Well, unfortunately, I have the explanation. My VM's VNC was under brute force attack and for security reasons I had to shut it down. I'll have to create a new one but this time I'll think about setting up all the possible security. Thanks again!
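
To see which addresses are hitting the lockout before tightening the security group, the log format quoted in the thread can be summarized per client. This is an added example, not code from the original answer; the function names `summarize` and `review_list` are hypothetical, the sample log is constructed, and attributing a rejection to the preceding connection record is an assumption.

```python
import re
from collections import defaultdict

# Record shapes copied from the log excerpt quoted in the thread.
RECORD_START = re.compile(r"(?=\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} )")
CONNECT = re.compile(r"^(\S+ \S+) Got connection from client (\S+)")
REJECT = re.compile(r"^\S+ \S+ Too many authentication failures - client rejected")

def summarize(log_text):
    """Return {client: {"connections": n, "rejected": n, "last_seen": stamp}}.

    The rejection record carries no address, so it is attributed to the most
    recent "Got connection" record. This is a heuristic: records from clients
    connecting at the same moment could interleave.
    """
    stats = defaultdict(lambda: {"connections": 0, "rejected": 0, "last_seen": None})
    current = None
    # Split on timestamps, not newlines, so a log whose lines were joined
    # when it was pasted parses the same way as the file on disk.
    for record in RECORD_START.split(log_text):
        record = record.strip()
        m = CONNECT.match(record)
        if m:
            current = m.group(2)
            stats[current]["connections"] += 1
            stats[current]["last_seen"] = m.group(1)
        elif REJECT.match(record) and current is not None:
            stats[current]["rejected"] += 1
            current = None  # one rejection per connection
    return dict(stats)

def review_list(stats, min_rejected=2):
    """Addresses rejected at least min_rejected times, most rejected first."""
    hits = [(ip, s["rejected"]) for ip, s in stats.items() if s["rejected"] >= min_rejected]
    return sorted(hits, key=lambda item: (-item[1], item[0]))

# Constructed sample using documentation addresses, not real server data.
SAMPLE = """\
15/06/21 12:10:51 Got connection from client 203.0.113.7
15/06/21 12:10:51 Using protocol version 3.3
15/06/21 12:10:51 Too many authentication failures - client rejected
15/06/21 12:10:51 Client 203.0.113.7 gone
15/06/21 12:10:53 Got connection from client 203.0.113.7 15/06/21 12:10:53 Using protocol version 3.3 15/06/21 12:10:53 Too many authentication failures - client rejected 15/06/21 12:10:53 Client 203.0.113.7 gone
15/06/21 12:11:30 Got connection from client 198.51.100.20
15/06/21 12:11:30 Using protocol version 3.3
15/06/21 12:11:31 Client 198.51.100.20 gone
"""

print(review_list(summarize(SAMPLE)))
```

Addresses it lists are candidates to compare against the sources the security group is meant to allow.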