Hello, I need some clarifications about SecureVNC plugin 2.4.0.0.
I have done some test, but I don't understand some elements.
- The client authentication keys, *Server_ClientAuth.pubkey and *Viewer_ClientAuth.pkey will be used by the server to authenticate the client.
OK, but usually during the creation of a pair of public/private key is recommended to use a passphrase.
WinVNC during the building which passphrase will be used? Is it the same that is present on the dialog of WinVnc where I can Generate Client authentication Key?
If will not be used any passphrase, how will the VncViewer verify that the private key *Viewer_ClientAuth.pkey is correct?
The contents of the *Server_ClientAuth.pubkey and *Viewer_ClientAuth.pkey has not the same format of the file generated from tools like gpg, and seems to be encrypted.
How were they built?
The RSA size affects the size of the client authentication keys that you generate, and the public key that are automatically generate by the server?.
The vncviewer client where will look for the corresponding private key?
Thank you for your patience.
After more 1 000 000 (one million) views on forum for 1.5.0.x development versions... and 1.6.1.0, 1.6.3.0-dev versions
A new stable version, UltraVNC 1.6.4.0 and UltraVNC SC 1.6.4.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38095
Feedback is welcome
Celebrating the 22th anniversary of the UltraVNC (25th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38031
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078
Development: UltraVNC development is always here... Any help is welcome.
Feedback is welcome
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
A new stable version, UltraVNC 1.6.4.0 and UltraVNC SC 1.6.4.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38095
Feedback is welcome
Celebrating the 22th anniversary of the UltraVNC (25th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38031
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078
Development: UltraVNC development is always here... Any help is welcome.
Feedback is welcome
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
SecureVNC plugin 2.4.0.0 info
-
Rudi De Vos
- Admin & Developer
- Posts: 6963
- Joined: 2004-04-23 10:21
- Contact:
Re: SecureVNC plugin 2.4.0.0 info
plugin without passphrase or key : Use vnc passwd as part of the key
Server and viewer exchange using DH a key
plugin with passphrase: passphrase is used as part of the key
DH exchange the key
plugin with key
You manual need to exchange the key, this key also act as authentication ( it's like a 2024 char pass)
You first generate a private.key
openssl genrsa -des3 -out private.pem 2048
From the private key you derive a public
openssl rsa -in private.pem -outform PEM -pubout -out public.pem
Vierwer is able to verify if public is genarted from private
See
https://www.openssl.org/docs/man1.0.2/m ... ey_ex.html
Server and viewer exchange using DH a key
plugin with passphrase: passphrase is used as part of the key
DH exchange the key
plugin with key
You manual need to exchange the key, this key also act as authentication ( it's like a 2024 char pass)
You first generate a private.key
openssl genrsa -des3 -out private.pem 2048
From the private key you derive a public
openssl rsa -in private.pem -outform PEM -pubout -out public.pem
Vierwer is able to verify if public is genarted from private
See
https://www.openssl.org/docs/man1.0.2/m ... ey_ex.html
UltraVNC links (join us on social networks):
- Website: https://uvnc.com/
- Forum: https://forum.uvnc.com/
- GitHub sourcecode: https://github.com/ultravnc/UltraVNC
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
- uvnc2me: https://uvnc2me.com/
- Website: https://uvnc.com/
- Forum: https://forum.uvnc.com/
- GitHub sourcecode: https://github.com/ultravnc/UltraVNC
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
- uvnc2me: https://uvnc2me.com/
-
splintercode
- 8
- Posts: 14
- Joined: 2010-09-10 14:46
Re: SecureVNC plugin 2.4.0.0 info
Thank you mr. Rudi
But during the creation of the private key
>>openssl genrsa -des3 -out private.pem 2048
which passphrase is used? The same password that I typed during the creation of the public/private key, from the plugin configuration mask?
I have tried compiling the source of WinVnc, indicating to the plugin via CDSMPlugin::SetPluginParams() another passphrase.
Keeping the same public and private keys of course, running the VNCViewer the connection is accepted only if I type the same passphare indicated during the call to CDSMPlugin::SetPluginParams()
So, which is the passphrase used on the creation on the pubblic/private key?
Thanks for any clarification.
But during the creation of the private key
>>openssl genrsa -des3 -out private.pem 2048
which passphrase is used? The same password that I typed during the creation of the public/private key, from the plugin configuration mask?
I have tried compiling the source of WinVnc, indicating to the plugin via CDSMPlugin::SetPluginParams() another passphrase.
Keeping the same public and private keys of course, running the VNCViewer the connection is accepted only if I type the same passphare indicated during the call to CDSMPlugin::SetPluginParams()
So, which is the passphrase used on the creation on the pubblic/private key?
Thanks for any clarification.