Rudi De Vos wrote:being worked on: No
To test, a seperate tunnel with auth and encryption ( why not adding socket encryption and compression) is the easiest.
vncviewer connect to tunnel <-->tunnel connect to server.
Inside the tunnel normal vnc auth.
This way you don't have to change a vnc bit...updates will still work and you can use any vnc flavor.
My thoughts where to grab the ssl tunnel plugin and add some code to it to use the kerberos ticket to authenticate.
I was thinking the normal vnc auth that is sort of what I meant by dummy password scheme. The whole idea is a single sign on.
So I could just turn off passwords on VNC and require the tunnel. If I set it up correctly I could set the allowed kerberos tickets by changing the access permissions on a directory tied to my code.
Client side would start an ssl tunnel use the kerberos ticket to try and read a directory on the server side. If accepted open the vnc session.
Current Ideas in my head are thinking maybe a hidden share called something like vncpass$ set permissions on the share to only allow groups/users you want and my plugin could just use that to tell the client how to login. Hmm I might not need to do much at all. Maybe just share the place where the password is stored(the ultravnc config file) already with the permissions I want. I could have it randomize the password daily and only allowed users could read the config file with the passwords.