BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] vnc
- Subject: [Discuss] vnc
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- Date: Thu, 28 Aug 2014 16:43:50 +0000
- In-reply-to: <53F9F6B9.4060505@stephenadler.com>
- References: <53F9F6B9.4060505@stephenadler.com>
> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss- > bounces+blu=nedharvey.com at blu.org] On Behalf Of Stephen Adler > > My problem with this is that the password I issue to open up the > vncviewer window to access the desktop of the user is not part of the > /etc/passwd file, but some clear text password file. There are warnings > in the documentation about this. I've seen some good replies including ssh tunnel and openvpn, but I'm surprised nobody mentioned this - If you run vncserver on a per-user basis, you set the password with the command "vncpasswd" which creates ~/.vnc/passwd, encrypted hashed like the /etc/passwd file. So that problem is solved, *but* the vnc traffic itself is unencrypted. So as others have said, you need to secure the communication channel. I know there exists such a thing as VNC encryption, but I haven't looked into that - The solution I would personally use is ssh tunnel, because for me it's far easier than openvpn (due to familiarity).
- References:
- [Discuss] vnc
- From: adler at stephenadler.com (Stephen Adler)
- [Discuss] vnc
- Prev by Date: [Discuss] [Position-available] OPENING - Sr SW Engineer - Embedded Linux, C, Java - contract
- Next by Date: [Discuss] vnc
- Previous by thread: [Discuss] vnc
- Next by thread: [Discuss] Draft document from NIST about SSH in an automated environment
- Index(es):
