Anonymous Diffie-Hellman issue

[1.4...@gmail.com]

I have a TigerVNC server 1.6.0 running in a Linux box. I can connect to this server from other Linux boxes, with TigerVNC clients, over an SSH tunnel, without any problems.

I tried to do the same thing from an Android 8.1 device, using the bVNC app. What I am getting in this client is the following:

"The VNC Server is trying to use Anonymous Diffie-Hellman ciphers which are not supported on your Android device."

After this, suggestions are given to disable AnonTLS for both the Vino VNC server and x11vnc - but nothing for TigerVNC. Interestingly, my bVNC can connect to an x11vnc server over an SSH tunnel running in a different Linux box without any problems.

Is it therefore possible to disable Anonymous DH in a TigerVNC server?

[Pierre Ossman]

Indeed. Check the SecurityTypes setting. You need to make sure none of
the methods starting with TLS are included.

But can't you configure bVNC to not use those? It seems odd it tries to
use a method it knows won't work.

Regards
--
Pierre Ossman Software Development
Cendio AB https://cendio.com
Teknikringen 8 https://twitter.com/ThinLinc
583 30 Linköping https://facebook.com/ThinLinc
Phone: +46-13-214600

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?