[Discuss] vnc
Edward Ned Harvey (blu)
blu at nedharvey.com
Thu Aug 28 12:43:50 EDT 2014
> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Stephen Adler
>
> My problem with this is that the password I issue to open up the
> vncviewer window to access the desktop of the user is not part of the
> /etc/passwd file, but some clear text password file. There are warnings
> in the documentation about this.
I've seen some good replies including ssh tunnel and openvpn, but I'm surprised nobody mentioned this -
If you run vncserver on a per-user basis, you set the password with the command "vncpasswd" which creates ~/.vnc/passwd, encrypted hashed like the /etc/passwd file. So that problem is solved, *but* the vnc traffic itself is unencrypted. So as others have said, you need to secure the communication channel. I know there exists such a thing as VNC encryption, but I haven't looked into that - The solution I would personally use is ssh tunnel, because for me it's far easier than openvpn (due to familiarity).
More information about the Discuss
mailing list