Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Loggin in with VNC Password Only Not DSM Passphrase

Should you have problems with the DSM plugin, here's the place to look for help or report issues
Post Reply
YuVu
Posts: 5
Joined: 2015-01-23 00:02

Loggin in with VNC Password Only Not DSM Passphrase

Post by YuVu »

I'm trying to log into my laptop (server) using my desktop (client). Whenever I try to connect to the server I can only log in using the VNC password and not the passphrase I entered when generating a client authentication key. In fact the "VNC Authentication" window on the client only lets me enter in 8 characters, which I've read is the limit for the VNC Password.

This is how I've set up my server and how I generated the client authentication keys:
In the server's "Admin Properties" window, under "Authentication" I've entered an 8-digit long VNC password and a different 8-digit View-Only Password. I've left the "Require MS Logon" box un-checked. Under "DSM Plugin" I've checked the "Use" box, selected "SecureVNCPlugin64.dsm" from the drop down menu, and clicked the "Config." button. In the "SecureVNC Plugin Configuration" window I've selected "AES (128- to 256-bit keys)" under "Enable Ciphers", "256-bit" under "Enable Key Lengths", "RSA-2048" next to "RSA", checked the box next to "Use new key algorithm", and entered in a 14 character passphrase. The box next to "Use 56-bit Blowfish cipher for passphrase" is left unchecked. I then clicked the "Generate Client Authentication Key" button and saved the "Server_ClientAuth.pubkey" and "Viewer_ClientAuth.pkey" in the "C:\Program Files\uvnc bvba\UltraVNC" folder.

For the client computer this is what I have done:
I have copied the "SecureVNCPlugin64.dsm", "Server_ClientAuth.pubkey", and "Viewer_ClientAuth.pkey" to the "C:\Program Files\uvnc bvba\UltraVNC" folder on the client machine. In the "UltraVNC Viewer -1.2.0.3" window I have entered in my server's IP address and port number. Under "Quick Options" I've selected the "AUTO" option, checked the box next to "Use DSMPlugin", selected "SecureVNCPlugin64.dsm" from the drop down menu, left the "Proxy/Repeater" box un-checked, checked the box "Save connection settings as default", and clicked the "Connect" button. Two windows then pop up. The first, "VNC View Status for 192.168.1.40" shows that a "Password is requested" next to status and underneath that "AES-256-OFB(256); RSA-2048; Auth(RSA-2048). In second window, "VNC Authentication", I am prompted for a "Password". Here I am only able to successfully log in to the VNC server using the VNC password and not the DSM passphrase. When I enter the DSM passphrase it only lets me type in the first 8 characters and then rejects my connection.

What am I missing? I've tried unistalling the server and viewer programs on both machines to no avail. I'm using a USB thumb drive to copy the "Server_ClientAuth.pubkey", and "Viewer_ClientAuth.pkey" from the server computer to the client computer. Both computers are on my local network. Both have UltraVNC.1.2.03 64-bit installed and are running Windows Ultimate 64. From what I've read on the forums and on Adam D. Walling's site, when using the plugin, the VNC password is overriden by the key passphrase. Why can't I log in using my passphrase?

I plan on connecting to the laptop (server) from a different location and would like to make sure that the traffic between the server and client is encrypted, not just password protected. Thanks for your help.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Loggin in with VNC Password Only Not DSM Passphrase

Post by Rudi De Vos »

Generate Client Authentication Key -> you already have a 1024bit key
passphrase is used when you don't set a predefined key
YuVu
Posts: 5
Joined: 2015-01-23 00:02

Re: Loggin in with VNC Password Only Not DSM Passphrase

Post by YuVu »

Thanks for your response!

Just to clarify: If I generated a 2048bit key I don't need to have a passphrase correct? So what is the passphrase for?
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Loggin in with VNC Password Only Not DSM Passphrase

Post by Rudi De Vos »

encryption
1)vnc passwd: DH is used to generate and exchange key, encryption with exchanged key + authentification ( vnc passwd)
2)passphrase :DH is used to generate and exchange key, encryption with exchanged key + authentification (passphrase)
3)key file: key file is pre gereated, encryption and authentification is protected by the key file ( The vnc password is actual not needed, but stayed for compatibility)

passphrase is used when you use dh key exchange but want a bigger authentication password.
YuVu
Posts: 5
Joined: 2015-01-23 00:02

Re: Loggin in with VNC Password Only Not DSM Passphrase

Post by YuVu »

Wow. Ok that makes it much more easy to understand. I don't remember reading this type of description in any of the documentation I've found. Hopefully one of the devs notices this and adds it. Thanks a lot! I really appreciate it. Hopefully someone else who's googling about this finds your explanations helpful as well.
Post Reply