To vnc or not to vnc

Woke up to a nonresponding Jetson Nano. Disconnected it and then mounted sdcard in different device and found /var/log/syslog consumed disk space with vino-server messages. Device was not directly connected to internet.

Feature ask: appreciate adding realvnc server to Jetpack in the future. please!

Disabled vnc and added 2fa using Yubikey to sshd. sharing instructions if others wish to add:

One-time: Website to generate Client ID (Replace_Client_ID) and Secret key (Replace_Secret_key) for pam.d/sshd:

Install libpam-yubico:

sudo apt-get update
sudo apt-get install libpam-yubico

Include in sshd:

sudo nano /etc/pam.d/sshd

ADD: auth sufficient or required; sufficient means OTP correct then no password vs required needs both

auth required id=Replace_Client_ID key=Replace_Secret_key debug authfile=/etc/yubikey_mappings mode=client

Create yubikey_mapping:

sudo nano /etc/yubikey_mappings

ADD: first 12 characters (open texteditor and press Yubikey to get OTP)


Change sshd_config to 2fa:

sudo nano /etc/ssh/sshd_config

CHANGE no to yes and ADD:

ChallengeResponseAuthentication yes
AuthenticationMethods keyboard-interactive:pam

Restart sshd and test:

sudo service sshd restart

Open new terminal and try ssh user@host. Result should be working session after successful Yubikey challenge and password login.

If remotely setting this up, recommend keeping first ssh session open till you get it working.

Please check this topic and see if the information helps:

Usually we connect to Jetson platforms through ssh connection and run the application such as DeepStream SDK. If we need to check the result, we leverage RTSP streaming. For advancing case(s) of using vnc, we don’t have experience and would need forum users to share suggestion and experience.

I ssh too but prefer to vnc into the boards when launching long-build processes. :)

just a backlog suggestion but totally get u go where the market demands.