Here is my recipie for using tlsclienttunnel for vnc connections on plan9's side. For the vncserver end I am using stunnel and tightvnc on OpenBSD (what else):
- Install stunnel. This is as easy as adding a vnc section do your config file: [vnc] accept = 7777 connect = 5901</code>
- On plan9 touch a thumb file for your certificate: touch vnc.thumb
- establish the client tunnel: tlsclienttunnel tcp!yourhost!7777 tcp!localhost!5901 vnc.thumb You will get a response like this: /bin/tlsclienttunnel: server certificate sha1hash not recognized.
- Copy and snarf this to your thumb file: echo 'x509 sha1=sha1hash' > vnc.thumb
- Connect to it securely with vncv localhost:1