|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [Plug] Trouble starting X remotely - VNC solution
|
Hello,
On Wed, Aug 18, 1999 at 07:51:26PM -0400, Andrew White wrote:
> VNC uses simple password authentication.
>
> It's not clear whether VNC makes any attempt to scramble the password.
> It doesn't appear do any type of public-key encryption like SSH, so it's
> almost certainly subject to sniffing.
Quoted from http://www.uk.research.att.com/vnc/sshvnc.html :
"VNC uses a random challenge-response system to provide the basic
authentication that allows you to connect to a VNC server. This is reasonably
secure; the password is not sent over the network. Once you are connected,
however, traffic between the viewer and the server is unencrypted, and could be
snooped by someone with access to the intervening network. We therefore
recommend that if security is important to you, you 'tunnel' the VNC protocol
through some more secure channel such as SSH. "
So apparently, the password authentication is secure, but all other
traffic is open to "sniffing eyes" :) . The page goes on explaining how to
use ssh to secure the connection, with good examples and diagrams.
Hope this helps,
-Christian
--
--------------------------------------------------------------------------------
\ "To those who say there is no hope /\ Christian Grigis /
\\ I say liars! //\\ glove@earthling.net //
\\\ Liars! ///\\\ ///
\\\\ Liars you are." ////\\\\ PGP Key on demand ////
-------------------- "Dormition And Dominion" -- Current 93 --------------------
_______________________________________________
Plug maillist - Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug
|
|