A small gevent-based VNC proxy with man-in-the-middle authentication. This software was written to facilitate out-of-band access to KVM guests in GRNET's virtualization cluster.

vncauthproxy listens on a UNIX domain socket for control messages and sets up one-time port forwardings upon request. As soon as a client connects, vncauthproxy fakes an RFB 3.8 server to request authentication from the client. If the client authenticates successfully, a server connection is initiated by the proxy and both connections are bridged to allow transparent client-server communications.

Main features include:
  • Lightweight, coroutine-based main loop with gevent
  • Supports RFB protocol version 3.8
  • IPv4 and IPv6 support
  • Configurable timeout for client connections
Possible future extensions:
  • Pluggable authentication method support
  • Support a JSON-based control message format

Issue tracking

View all issues | Calendar | Gantt