TigerVNC client to Vino server with TLS encryption

[ajsf...@gmail.com]

I am trying to connect to a Fedora 21 machine running the GNOME Vino VNC server from a Mac running the TigerVNC client (version 1.4.3).

The Vino server uses TLS for encryption so verify that the TLS options are enabled in the TigerVNC client.

When I try and connect, TigerVNC returns with a dialog box that says 'No matching security types'.

The log for the Vino server says:

(vino-server:12681): EggSMClient-CRITICAL **: egg_sm_client_set_mode: assertion 'global_client == NULL || global_client_mode == EGG_SM_CLIENT_MODE_DISABLED' failed

21/04/2015 11:57:36 AM Autoprobing TCP port in (all) network interface

21/04/2015 11:57:36 AM Listening IPv6://[::]:5900

21/04/2015 11:57:36 AM Listening IPv4://0.0.0.0:5900

21/04/2015 11:57:36 AM Autoprobing selected port 5900

21/04/2015 11:57:36 AM Advertising security type: 'TLS' (18)

21/04/2015 11:57:36 AM Re-binding socket to listen for VNC connections on TCP port 5900 in (all) interface

21/04/2015 11:57:36 AM Listening IPv6://[::]:5900

21/04/2015 11:57:36 AM Listening IPv4://0.0.0.0:5900

21/04/2015 11:57:36 AM Clearing securityTypes

21/04/2015 11:57:36 AM Advertising security type: 'TLS' (18)

21/04/2015 11:57:36 AM Clearing securityTypes

21/04/2015 11:57:36 AM Advertising security type: 'TLS' (18)

21/04/2015 11:57:36 AM Advertising authentication type: 'No Authentication' (1)

21/04/2015 11:57:36 AM Re-binding socket to listen for VNC connections on TCP port 5900 in (all) interface

21/04/2015 11:57:36 AM Listening IPv6://[::]:5900

21/04/2015 11:57:36 AM Listening IPv4://0.0.0.0:5900

21/04/2015 11:57:36 AM Clearing securityTypes

21/04/2015 11:57:36 AM Clearing authTypes

21/04/2015 11:57:36 AM Advertising security type: 'TLS' (18)

21/04/2015 11:57:36 AM Advertising authentication type: 'VNC Authentication' (2)

21/04/2015 11:57:51 AM [IPv4] Got connection from client <snip>

21/04/2015 11:57:51 AM   other clients:

21/04/2015 11:57:51 AM Client Protocol Version 3.7

21/04/2015 11:57:51 AM Advertising security type 18

21/04/2015 11:57:51 AM Client <snip> gone

21/04/2015 11:57:51 AM Statistics:

21/04/2015 11:57:51 AM   framebuffer updates 0, rectangles 0, bytes 0

The source for TigerVNC appears to support TLS, type 18, but I can't figure out how to tell what security types are enable and where to enable more.

The log output from TigerVNC when run from the command line is

[<snip>]$ /Applications/TigerVNC\ Viewer\ 1.4.3.app/Contents/MacOS/TigerVNC\ Viewer -Log *:stderr:100

TigerVNC Viewer 32-bit v1.4.3

Built on: 2015-03-01 15:22

Copyright (C) 1999-2014 TigerVNC Team and many others (see README.txt)

See http://www.tigervnc.org for information on TigerVNC.

Tue Apr 21 12:59:26 2015

 CConn:       connected to host <snip> port 5900

 CConnection: reading protocol version

 CConnection: Server supports RFB protocol version 3.7

 CConnection: Using RFB protocol version 3.7

 CConnection: processing security types message

 CConnection: Server offers security type [unknown secType](18)

 CConnection: No matching security types

 CConn:       No matching security types

Can anyone help?

[Brian Hinz]

On Tue, Apr 21, 2015 at 3:05 PM, <ajsf...@gmail.com> wrote:

I am trying to connect to a Fedora 21 machine running the GNOME Vino VNC server from a Mac running the TigerVNC client (version 1.4.3).

The Vino server uses TLS for encryption so verify that the TLS options are enabled in the TigerVNC client.

These are not the same security types.  TigerVNC supports the VeNCrypt protocol for it's TLS implementation, while Vino uses it's own TLS implementation.  If there is a formal protocol specification anywhere for Vino's TLS security type, I'm not aware of it.

-brian

[ajsf...@gmail.com]

Thanks.  Back to using tigervnc-server on Fedora.