No login with Encryption

[giogio]

I spent hours on this but nothing works. If I connect without encryption I don't have any problem.
It would be nice to see a video that explains how although it seems straight forward
-I installed both server and client the 1.5.0.1
-On both sides I ran in administrator mode "winvnc -installdriver"
-On both client and Server I check Use SecureVNCPlugin64.dsm
Then I go on the server side and place passphrase&confirm
then I click generate Client Authentication Keys
(leaving AES 256bit & use new key algorithm as per default)
Then I copy both "20240920_Server_ClientAuth.pubkey" and "20240920_Viewer_ClientAuth.pkey" on the directory of vncviewer on the client side (without renaming them).
On the client side I check "only allow Encrypted Servers and Only servers with password.
When I start the client I get the prompt and I type the same VNC Password that I have at the top let of the Administrator Properties of the server side. The same I used without encryption and that worked.

(Just to be clear I never type again anywhere the passowrd&confirm of the SecureVNCPlugin64.dsm configuration)

After typing the password on the prompt of the client side I get "Authentication Rejected".

It seems straight forward and that might be away I don't see instructions for this. What's wrong, why it doesn't work?
This is the relevant part of the log file (MS-Logon is unchecked):

vncSockConnectThread::run_undetached : accepted connection from 192.168.1.4
vncServer::AddClient : AddClient() started
vncClient::vncClient : vncClient() executing...
vncServer::AddClient : AddClient() done
vncClientThread::run : client connected : 192.168.1.4 (1)
vncClientThread::InitSocket : DSMPlugin Pointer to socket OK
vncClientThread::InitVersion : Send protocolMsg
vncClientThread::InitVersion : Send_OK
vncClientThread::InitVersion : m_ms_logon set to falsevncClientThread::run : negotiated version
Entered InitAuthenticate
vncServer::VerifyHost : client 192.168.1.4 verifiedHost 0 prior to adjustment
vncServer::VerifyHost : client 192.168.1.4 verifiedHost 0 after adjustment
Fri Sep 20 22:01:39 2024
vncClientThread::LogAuthResult : authentication failed
vncServer::RemoveClient : removing unauthorised client
vncServer::RemoveClient : RemoveClient() done
vncClient::~vncClient : ~vncClient() executing...
vncClient::~vncClient : deleting socket
VSocket::Close : closing socket
Fri Sep 20 22:15:15 2024
vncMenu::WndProc : show user properties requested

[Rudi De Vos]

Please do it step by step.
remove the ultravnc.ini on the server site to set back to default
remove the keys on both site
Start the server, this create a new ultravnc.ini and set a new 8 char vnc password

1) Connect plain, no enceryption

2) select use plugin on both sites, no key, just the plugin ---> You need to enter the vnc password to connect

3) set a passphrase in the plugin ->You need to enter that phrase to connect

4) create a key, this key actual act as authentication and encryption,
Keep the server key on the server, copy the viewer key in the folder with vncviewer.exe
I don't know if the vnc or phrase is used as it's actual overkill as the key is also used for authentication

If you don't connect x times, your ip get blacklisted and is lockout for a time. Restart server if you don't want to wait.

[giogio]

Thank you for taking the time to explain. It actually works now.
I am wandering what is the real difference. Is that the authentication password is 8 characters only?
Is that at the step2 "2) select use plugin on both sites, no key, just the plugin ---> You need to enter the vnc password to connect"
I login insecure because the passphrase has been not set yet but something happens in Ultra Vnc that makes all work right?
In any case I am happy it works very well.
Thank you!
G

[Rudi De Vos]

When encryption is active the pasword is used to create an encryption key.
The encryption is secure, even with a 8 char passwd but using brute force 8 char passwords are easy broken as the combination is limited.

That's ok for internal use, but on a open server should set a phassphraze