On Thursday 19 December 2002 00:20, Brian Coyle wrote:
> On Wednesday 18 December 2002 22:18, Doug Koobs wrote:
> > tunneling it through SSH. Using VNC alone, the only thing that is
> > encrypted is the password when you begin the session.
That's currently the best method available. I tend to open up ssh session with
blowfish (faster than 3DES) and use TridiaVNC (tridiavnc.org) or TightVNC
(tightvnc.org) with the "tight" or "zlib" codings. With a fast encrypted
tunnel, and a fast VNC coding, the speed is the same if not better than PC
Anywhere.
> And the VNC encryption is weak.
>
> http://online.securityfocus.com/bid/854
> http://www.securiteam.com/tools/Brute_forcing_VNC_passwords.html
I've been working toward a good "workspot.com" like encrypted VNC sessions for
home use. I've been using it at home, but hope to finish building a
"desktop.blenke.com" UML image for this in the near future.
There's the pure java based MindTerm and MindVNC stuff that support VNC over
ssh natively. Unfortunately, they have no "tight" or "zlib" codings - and a
rather slow encryption engine. You can try using MindTerm in parallel with
tight VNC, but local port redirection isn't permitted in an applet.
The best solution is SSL with a JSSE'd TightVNC. Unfortunately, I've not
managed to get JSSE working very well in a modified vncviewer applet.
There are past threads of people trying to do the same, but not anything
recent that I've found.
Anyone else fighting with this?
-- - Ian C. Blenke <icblenke@nks.net>(This message bound by the following: http://www.nks.net/email_disclaimer.html)
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:37:07 EDT