Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
On Wed, 5 Apr 2000 EMAIL:PROTECTED wrote:
> AFAIK, VNC passwords are sent in clear text as is the entire session.
> If you VNC server is a *NIX, you could tunnel through ssh. Very cool.
No, VNC passwords use encrypted challenge-response method:
http://www.uk.research.att.com/vnc/sshvnc.html
"VNC uses a random challenge-response system to provide the basic
authentication that allows you to connect to a VNC server. This is
reasonably secure; the password is not sent over the network. Once you are
connected, however, traffic between the viewer and the server is
unencrypted, and could be snooped by someone with access to the
intervening network. We therefore recommend that if security is important
to you, you 'tunnel' the VNC protocol through some more secure channel
such as SSH."
I agree about the ssh. Once you have VNC and SSH both running it isn't
hard to use them together. I did point out in an earlier message that
there is a trick if you are using tcp_wrappers with ssh: You have to add
sshfwd-<port_number> to hosts.allow on the local machine where
"<port_number>" is the port you are forwarding from on the local machine.
It's a little annoying to have to add a line to hosts.allow for every
possible port number I might want to use.
Regards,
Mike
--
To unsubscribe, send a new message with no subject and the words
"unsubscribe members" in the body to EMAIL:PROTECTED
Archives are available at http://mlug.missouri.edu/list-archives/
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact