can't connect to gnome-remote-desktop vnc with tls-anon
350 views
Skip to first unread message
John Paul Morrison
Nov 3, 2021, 10:22:36 PM11/3/21
to TigerVNC User Discussion/Support
I'm trying to connect to gnome-remote-desktop 40.1-1.fc34
TigerVNC works great without encryption - best I've found so far. But I can't connect with tls-anon
First off:
- gnome thinks it's tls-anon
gsettings get org.gnome.desktop.remote-desktop.vnc encryption
['none', 'tls-anon']
- gnome has code for ANON-DH
grd-vnc-tls.c: const char kx_priority[] = "NORMAL:+ANON-DH";
- Tiger should support ANON-DH as well
CSecurityTLS.cxx: static const char kx_anon_priority[] = ":+ANON-ECDH:+ANON-DH";
SSecurityTLS.cxx: static const char kx_anon_priority[] = ":+ANON-ECDH:+ANON-DH";
- I don't see ANON-DH (xtigervncviewer_1.11.0-1ubuntu1_amd64.deb)
strings /usr/bin/xtigervncviewer | grep ANON
:+ANON-ECDH:+ANOask for username and password
- Gnome is offering type 18 - is that correct for TLS anon?
CConnection: reading protocol version
CConnection: Server supports RFB protocol version 3.8
CConnection: Using RFB protocol version 3.8
CConnection: processing security types message
CConnection: Server offers security type VncAuth(2)
CConnection: Server offers security type [unknown secType](18)
CConnection: No matching security types
CConn: No matching security types
Config: set SecurityTypes(String) to TLSNone,TLSVnc,TLSPlain
CConnection: reading protocol version
CConnection: Server supports RFB protocol version 3.8
CConnection: Using RFB protocol version 3.8
CConnection: processing security types message
CConnection: Server offers security type VncAuth(2)
CConnection: Server offers security type [unknown secType](18)
CConnection: No matching security types
CConn: No matching security types
Pierre Ossman
Nov 4, 2021, 8:48:51 AM11/4/21
to John Paul Morrison, TigerVNC User Discussion/Support
On 04/11/2021 03:22, John Paul Morrison wrote:
> I'm trying to connect to gnome-remote-desktop 40.1-1.fc34
>
> TigerVNC works great without encryption - best I've found so far. But I
> can't connect with tls-anon
>
I'm afraid GNOME's VNC server uses a different type of encryption than
> I'm trying to connect to gnome-remote-desktop 40.1-1.fc34
>
> TigerVNC works great without encryption - best I've found so far. But I
> can't connect with tls-anon
>
the one we have support for. This issue is tracked here:
https://github.com/TigerVNC/tigervnc/issues/307
Regards
--
Pierre Ossman Software Development
Cendio AB https://cendio.com
Teknikringen 8 https://twitter.com/ThinLinc
583 30 Linköping https://facebook.com/ThinLinc
Phone: +46-13-214600
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
John Paul Morrison
Nov 4, 2021, 6:49:31 PM11/4/21
to Pierre Ossman, TigerVNC User Discussion/Support
Thanks for clarifying. I thought it was odd I couldn't connect - surprised Fedora is shipping this with tls-none as the default.
I managed to get TurboVNC java working. If anyone needs a Windows exe the virt-viewer MSys will connect. The msi from Red Hat doesn't work though.
DRC
Nov 4, 2021, 7:47:07 PM11/4/21
to tigervn...@googlegroups.com
The modification to the TigerVNC Viewer would be straightforward, but unfortunately I couldn't do it for just a $20 bounty. :(
The 3.0 pre-release builds of our viewer
don't require Java, for those who may not want to install it:
https://turbovnc.org/DeveloperInfo/PreReleases
DRC
--
You received this message because you are subscribed to the Google Groups "TigerVNC User Discussion/Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tigervnc-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/tigervnc-users/CAO-kYtEiG%3D6D%2BHDDamCTS3GF-mQ1odiSQpeR7PPMy6nU09NCww%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages