separate SecurityTypes option for reverse VNC connection #356

Open
dab18 opened this Issue Sep 14, 2016 · 0 comments

Projects

None yet

2 participants

@dab18
dab18 commented Sep 14, 2016 edited

in our scenario we have two users groups with different rights which connects through VNC to workstations:

  1. admins - DIRECT connection using own passowrd (PAM, restricted by wheel group).
  2. helpdesk/teachers - only REVERSE connection only by user request, but without password.

tigerVNC allow only one configuration per VNC-server.
since 2011 we use "dirty" patch (http://bbgentoo.ilb.ru/repos/bbgentoo/bbgentoo_overlay/trunk/net-misc/tigervnc/files/disable_outgoing_connection_authentication.patch), which enables SecurityTypes without password ("*None") on reverse connection.

it would be better to have separate settings for SecurityTypes, for example xorg.conf:
Option "SecurityTypes" "VeNCrypt,TLSPlain"
Option "SecurityTypesReverse" "VeNCrypt,TLSNone"

if SecurityTypesReverse not specified it is same as SecurityTypes.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment