How to configure encryption ciphers in Xvnc

56 views
Skip to first unread message

Andy

unread,
Jul 12, 2019, 11:03:33 AM7/12/19
to TurboVNC User Discussion/Support
Hey so I have some strict requirements on what encryption ciphers we are allowed to use.

Basically I need it to use either TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 or TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384. 

From the viewer side I'm able to restrict the ciphers available to it by modifying the java argument inside of the vncviewer script:
 and adding on the options -Djava.security.properties=/opt/test/java.security.restictive -Djavax.net.debug=ssl

Now I get an SSL Handshake error when I try to connect - I think its because Xvnc doesn't support the 2 ciphers that I'm trying to use. 

How would I go about enabling the two ciphers from the server (Xvnc) side? I'd prefer to not have to recompile, but I'm not afraid to.


Thanks!
java.security.restrictive

Andy

unread,
Jul 12, 2019, 11:08:48 AM7/12/19
to TurboVNC User Discussion/Support
I think it would also be helpful to post the parameters that I'm using to launch it too - 

Server
/opt/TurboVNC/bin/vncserver -SecurityTypes X509Vnc -x509cert /home/user/ca/certs/localhost.cert.pem -x509key /home/user/ca/certs/localhost.key.pem -rfbauth /home/user/ca/t.file


Viewer
/home/user/my_vnc_viewer -x509ca /home/user/ca/certs/CA.cert.pem -passwd /home/user/ca/t.file localhost:2
my_vnc_viewer

DRC

unread,
Jul 12, 2019, 2:46:20 PM7/12/19
to turbovn...@googlegroups.com
I did some digging, and unfortunately there is no way to enable/disable
OpenSSL ciphers on a system-wide or per-user basis. They have to be
configured on a per-application basis. I will investigate adding a new
TurboVNC security configuration file property for this, as it seems like
something that would be generally useful.

Andy

unread,
Jul 12, 2019, 3:25:49 PM7/12/19
to TurboVNC User Discussion/Support
That would be awesome

Thanks!

DRC

unread,
Jul 12, 2019, 5:54:40 PM7/12/19
to turbovn...@googlegroups.com
Is it necessary to restrict the ciphers on the server end, or would it
be acceptable to simply enable ECDH ciphers in the server and restrict
them on the client end?

The basic problem is that the TurboVNC Server's OpenSSL wrapper doesn't
currently enable ECDH ciphers. Enabling those ciphers is an easy
(probably one-liner) modification, but adding the Security Configuration
file parameter to restrict the ciphers would be more difficult (in part
because of the need to support both GnuTLS and OpenSSL.)

DRC

DRC

unread,
Jul 13, 2019, 1:37:31 AM7/13/19
to turbovn...@googlegroups.com

I went ahead and implemented a new security configuration file directive (permitted-cipher-suites), as well as a new Java TurboVNC Viewer system property.  To achieve what you want, assuming you're using OpenSSL 1.0.2 or later, you can add:

    permitted-cipher-suites = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384

to /etc/turbovncserver-security.conf.  That will prevent any ciphers other than the two you listed from being used on the server end, regardless of which ciphers are supported on the client end.  It will also effectively disallow any of the TLS* security types, irrespective of the permitted-security-types directive (because anonymous TLS uses different ciphers.)

As a belt-and-suspenders measure, you can also force the viewer to use only those ciphers by setting

    JAVA_TOOL_OPTIONS='-Dturbovnc.ciphersuites=TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384'

in the environment on the client machine.

The Xvnc log file, as well as the debug output from the viewer (-loglevel 100) will reveal which ciphers are available and which cipher was negotiated between server and client.

DRC

On 7/12/19 2:25 PM, Andy wrote:
--
You received this message because you are subscribed to the Google Groups "TurboVNC User Discussion/Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turbovnc-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/turbovnc-users/717ffd21-4778-4e1c-a6ef-b4fb50f2bf59%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Andy

unread,
Jul 16, 2019, 12:57:22 PM7/16/19
to TurboVNC User Discussion/Support
Wow! Thanks for the quick fix! 

I take all I need to try it out is to pull and build the latest turbovnc and it should work?

Thanks again!
To unsubscribe from this group and stop receiving emails from it, send an email to turbovn...@googlegroups.com.

DRC

unread,
Jul 16, 2019, 1:03:13 PM7/16/19
to turbovn...@googlegroups.com
Yeah, or you can use the pre-release builds, which are generated automatically by Travis and AppVeyor:

https://turbovnc.org/DeveloperInfo/PreReleases

To unsubscribe from this group and stop receiving emails from it, send an email to turbovnc-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/turbovnc-users/c82c784a-0fef-4f60-b6a6-dc281532dbee%40googlegroups.com.

Andy

unread,
Jul 16, 2019, 4:27:34 PM7/16/19
to TurboVNC User Discussion/Support
Hey, so now I'm missing the ECDHE-ECDSA-AES256-GCM-SHA384 algorithms inside of the server and client.
~/.vnc/Server:3.log
16/07/2019 16:15:29 Available cipher suites: DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:KRB5-DES-CBC3-MD5:KRB5-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:KRB5-RC4-MD5:KRB5-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:KRB5-DES-CBC-MD5:KRB5-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-KRB5-RC4-MD5:EXP-KRB5-RC4-SHA:EXP-RC4-MD5

Client output with -loglevel 100
CSecurityTLS: Available cipher suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_256_GCM_SHA384, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_256_CBC_SHA256, TLS_DH_anon_WITH_AES_256_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA

However `openssl ciphers` :
At least has the ECDHE-ECDSA-AES256-GCM-SHA384 that I'm looking for (don't see the CBC but thats ok)
ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DH-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:IDEA-CBC-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-IDEA-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-IDEA-CBC-MD5:KRB5-DES-CBC3-MD5:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:KRB5-RC4-SHA:KRB5-RC4-MD5


I'm not sure what's up with java not seeing it.

I installed version 2.2.80 with the RPM
Server command:  /opt/TurboVNC/bin/vncserver  -SecurityTypes X509Vnc -x509cert /home/user/ca/certs/localhost.cert.pem -x509key /home/user/ca/certs/localhost.key.pem -rfbauth /home/user/ca/t.file 

Client Command: JAVA_TOOL_OPTIONS="" /opt/TurboVNC/bin/vncviewer -loglevel 100 -x509ca /home/user/ca/certs/CA.cem -passwd /home/user/ca/t.file localhost:1

DRC

unread,
Jul 16, 2019, 5:11:34 PM7/16/19
to turbovn...@googlegroups.com

Server and client O/S?  OpenSSL versions?

To unsubscribe from this group and stop receiving emails from it, send an email to turbovnc-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/turbovnc-users/e850a8b0-9ee8-4780-bd53-2aa1d64bc935%40googlegroups.com.

Andy

unread,
Jul 16, 2019, 5:28:42 PM7/16/19
to TurboVNC User Discussion/Support
It's the latest CentOS (7.6 I believe). Both the server and client are running on the same host and openssl 1.0.2

DRC

unread,
Jul 16, 2019, 5:37:27 PM7/16/19
to turbovn...@googlegroups.com
Do you have any legacy OpenSSL libraries installed? If you do, TurboVNC
may be picking up those rather than OpenSSL 1.0.2 (probably something
else I need to fix, BTW.)

DRC

unread,
Jul 17, 2019, 2:32:06 AM7/17/19
to turbovn...@googlegroups.com

Assuming the issue was that you had openssl098e installed as well, and the TurboVNC Server was picking that up instead of OpenSSL 1.0.2, then that issue should now be fixed.

On 7/16/19 4:28 PM, Andy wrote:

Andy

unread,
Jul 17, 2019, 5:20:47 AM7/17/19
to TurboVNC User Discussion/Support
Hey sorry, yeah let me do some digging when I get back to my dev box and I'll let you know. Thanks again for all the help!

Andy

unread,
Jul 17, 2019, 4:56:33 PM7/17/19
to TurboVNC User Discussion/Support
Hey so you were right.

 Apparently I had a ilbssl.so.0.9.8e.so floating around. 

So I moved all of the stuff relating to that out of the directory and now I get the ECDHE ciphers that i was looking for on the server side. 

Do you know how I would go about adding them to JAVA and the client side? 
From the vncviewer script the only ciphers I have available are :

CSecurityTLS: Available cipher suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DH_anon_WITH_AES_256_GCM_SHA384, TLS_DH_anon_WITH_AES_128_GCM_SHA256, TLS_DH_anon_WITH_AES_256_CBC_SHA256, TLS_DH_anon_WITH_AES_256_CBC_SHA, TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA 

- It's missing the TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 cipher that I'm looking for

Thanks again for the help!

DRC

unread,
Jul 17, 2019, 7:31:28 PM7/17/19
to turbovn...@googlegroups.com

The latest commit in master reverses the TurboVNC Server's search order for OpenSSL DSOs, so it should now pull the DSO from the newest installed version of OpenSSL rather than the oldest.  That means you shouldn't need to move OpenSSL 0.9.8e out of the way anymore.

As far as why Java isn't picking up the newer algorithms, that appears to be because you are using the 3.0 alpha build of the TurboVNC Viewer.  Please use the 2.2.x stable build.  The embedded JRE in 3.0 alpha isn't providing those ciphers for some reason, and I need to look into why (it may simply be that I didn't include the necessary module when building the JRE), but I just tested the 2.2.x build (with OpenJDK 1.8.0), and it works fine.

--
You received this message because you are subscribed to the Google Groups "TurboVNC User Discussion/Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turbovnc-user...@googlegroups.com.

Andy

unread,
Jul 18, 2019, 11:23:17 AM7/18/19
to TurboVNC User Discussion/Support
Ah I gotcha - So I went and installed https://s3.amazonaws.com/turbovnc-pr/master/linux/turbovnc-2.2.3.x86_64.rpm and I can see the ciphers fine from both sides.
 However I think the openssl and Java TLS implementations don't think ECDHE-ECDSA-AES256-GCM-SHA384 == TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
I haven't done allot of research into the ciphers so maybe theirs a chance that they are different? Or maybe theirs a typo in comparing them?

Here's the logs /config - 
Server :

permitted-cipher-suites = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384


18/07/2019 11:10:14 Available cipher suites: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384
18/07/2019 11:10:14 Deferring TLS handshake
18/07/2019 11:10:14 SSL_accept() failed: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher (336109761)
18/07/2019 11:10:14 Client 127.0.0.1 gone

Client

   JAVA_TOOL_OPTIONS='-Dturbovnc.ciphersuites=TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384'


SecurityTLS: Not using X.509 CRL
CSecurityTLS: Available cipher suites: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
com.turbovnc.rdr.SystemException: javax.net.ssl.SSLException: Received fatal alert: handshake_failure

Thanks again for the help
To unsubscribe from this group and stop receiving emails from it, send an email to turbovn...@googlegroups.com.

DRC

unread,
Jul 18, 2019, 12:44:14 PM7/18/19
to turbovn...@googlegroups.com
It works fine for me. Are you sure your certificate is ECDSA?

gencert.san.ec from
https://gist.github.com/dcommander/fc608434735026dd8215

shows how to generate one (at least, as far as I determine. I'm not an
expert on this stuff.) The error you're still getting would occur if,
for instance, your certificate is RSA but you're trying to use it with
an ECDSA cipher.

On 7/18/19 10:23 AM, Andy wrote:
> Ah I gotcha - So I went and
> installed https://s3.amazonaws.com/turbovnc-pr/master/linux/turbovnc-2.2.3.x86_64.rpm
> and I can see the ciphers fine from both sides.
>  However I think the openssl and Java TLS implementations don't think
> ECDHE-ECDSA-AES256-GCM-SHA384 == TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
> I haven't done allot of research into the ciphers so maybe theirs a
> chance that they are different? Or maybe theirs a typo in comparing them?
>
> Here's the logs /config - 
> *Server :*
>> <http://ilbssl.so.0.9.8e.so> floating around. 
>> send an email to turbovn...@googlegroups.com <javascript:>.
>> <https://groups.google.com/d/msgid/turbovnc-users/9cd4cde5-a186-4980-9d5e-e36bd538a643%40googlegroups.com?utm_medium=email&utm_source=footer>.
>> For more options, visit https://groups.google.com/d/optout
>> <https://groups.google.com/d/optout>.
>
> --
> You received this message because you are subscribed to the Google
> Groups "TurboVNC User Discussion/Support" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to turbovnc-user...@googlegroups.com
> <mailto:turbovnc-user...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/turbovnc-users/adb0fbe2-8dbe-4c84-86e5-692a5c8429d4%40googlegroups.com
> <https://groups.google.com/d/msgid/turbovnc-users/adb0fbe2-8dbe-4c84-86e5-692a5c8429d4%40googlegroups.com?utm_medium=email&utm_source=footer>.

Andy

unread,
Jul 18, 2019, 2:41:05 PM7/18/19
to TurboVNC User Discussion/Support
Oh woops I'm silly. That was it. Generated some EC certs with openssl and now it works! 


Thanks so much !

DRC

unread,
Jul 19, 2019, 10:06:16 PM7/19/19
to turbovn...@googlegroups.com
EC ciphers should now work in the 3.0 alpha build as well, once Travis finishes spinning it.  As suspected, the custom embedded JRE was missing the necessary modules to implement those ciphers.

DRC

To unsubscribe from this group and stop receiving emails from it, send an email to turbovnc-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/turbovnc-users/f9f427de-36e8-46c1-bb15-fdb8bcc0c048%40googlegroups.com.

Andy

unread,
Jul 22, 2019, 8:50:59 AM7/22/19
to TurboVNC User Discussion/Support
Awesome thanks! I have another question (or maybe feature request) about the viewer that I'll post on another thread
To unsubscribe from this group and stop receiving emails from it, send an email to turbovn...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages