I spent hours on this but nothing works. If I connect without encryption I don't have any problem.
It would be nice to see a video that explains how although it seems straight forward
-I installed both server and client the 1.5.0.1
-On both sides I ran in administrator mode "winvnc -installdriver"
-On both client and Server I check Use SecureVNCPlugin64.dsm
Then I go on the server side and place passphrase&confirm
then I click generate Client Authentication Keys
(leaving AES 256bit & use new key algorithm as per default)
Then I copy both "20240920_Server_ClientAuth.pubkey" and "20240920_Viewer_ClientAuth.pkey" on the directory of vncviewer on the client side (without renaming them).
On the client side I check "only allow Encrypted Servers and Only servers with password.
When I start the client I get the prompt and I type the same VNC Password that I have at the top let of the Administrator Properties of the server side. The same I used without encryption and that worked.
(Just to be clear I never type again anywhere the passowrd&confirm of the SecureVNCPlugin64.dsm configuration)
After typing the password on the prompt of the client side I get "Authentication Rejected".
It seems straight forward and that might be away I don't see instructions for this. What's wrong, why it doesn't work?
This is the relevant part of the log file (MS-Logon is unchecked):
vncSockConnectThread::run_undetached : accepted connection from 192.168.1.4
vncServer::AddClient : AddClient() started
vncClient::vncClient : vncClient() executing...
vncServer::AddClient : AddClient() done
vncClientThread::run : client connected : 192.168.1.4 (1)
vncClientThread::InitSocket : DSMPlugin Pointer to socket OK
vncClientThread::InitVersion : Send protocolMsg
vncClientThread::InitVersion : Send_OK
vncClientThread::InitVersion : m_ms_logon set to falsevncClientThread::run : negotiated version
Entered InitAuthenticate
vncServer::VerifyHost : client 192.168.1.4 verifiedHost 0 prior to adjustment
vncServer::VerifyHost : client 192.168.1.4 verifiedHost 0 after adjustment
Fri Sep 20 22:01:39 2024
vncClientThread::LogAuthResult : authentication failed
vncServer::RemoveClient : removing unauthorised client
vncServer::RemoveClient : RemoveClient() done
vncClient::~vncClient : ~vncClient() executing...
vncClient::~vncClient : deleting socket
VSocket::Close : closing socket
Fri Sep 20 22:15:15 2024
vncMenu::WndProc : show user properties requested
Celebrating the 22th anniversary of the UltraVNC: https://forum.uvnc.com/viewtopic.php?t=38031
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
No login with Encryption
-
Rudi De Vos
- Admin & Developer
- Posts: 6891
- Joined: 2004-04-23 10:21
- Contact:
Re: No login with Encryption
Please do it step by step.
remove the ultravnc.ini on the server site to set back to default
remove the keys on both site
Start the server, this create a new ultravnc.ini and set a new 8 char vnc password
1) Connect plain, no enceryption
2) select use plugin on both sites, no key, just the plugin ---> You need to enter the vnc password to connect
3) set a passphrase in the plugin ->You need to enter that phrase to connect
4) create a key, this key actual act as authentication and encryption,
Keep the server key on the server, copy the viewer key in the folder with vncviewer.exe
I don't know if the vnc or phrase is used as it's actual overkill as the key is also used for authentication
If you don't connect x times, your ip get blacklisted and is lockout for a time. Restart server if you don't want to wait.
remove the ultravnc.ini on the server site to set back to default
remove the keys on both site
Start the server, this create a new ultravnc.ini and set a new 8 char vnc password
1) Connect plain, no enceryption
2) select use plugin on both sites, no key, just the plugin ---> You need to enter the vnc password to connect
3) set a passphrase in the plugin ->You need to enter that phrase to connect
4) create a key, this key actual act as authentication and encryption,
Keep the server key on the server, copy the viewer key in the folder with vncviewer.exe
I don't know if the vnc or phrase is used as it's actual overkill as the key is also used for authentication
If you don't connect x times, your ip get blacklisted and is lockout for a time. Restart server if you don't want to wait.
Re: No login with Encryption
Thank you for taking the time to explain. It actually works now.
I am wandering what is the real difference. Is that the authentication password is 8 characters only?
Is that at the step2 "2) select use plugin on both sites, no key, just the plugin ---> You need to enter the vnc password to connect"
I login insecure because the passphrase has been not set yet but something happens in Ultra Vnc that makes all work right?
In any case I am happy it works very well.
Thank you!
G
I am wandering what is the real difference. Is that the authentication password is 8 characters only?
Is that at the step2 "2) select use plugin on both sites, no key, just the plugin ---> You need to enter the vnc password to connect"
I login insecure because the passphrase has been not set yet but something happens in Ultra Vnc that makes all work right?
In any case I am happy it works very well.
Thank you!
G
-
Rudi De Vos
- Admin & Developer
- Posts: 6891
- Joined: 2004-04-23 10:21
- Contact:
Re: No login with Encryption
When encryption is active the pasword is used to create an encryption key.
The encryption is secure, even with a 8 char passwd but using brute force 8 char passwords are easy broken as the combination is limited.
That's ok for internal use, but on a open server should set a phassphraze
The encryption is secure, even with a 8 char passwd but using brute force 8 char passwords are easy broken as the combination is limited.
That's ok for internal use, but on a open server should set a phassphraze
Re: No login with Encryption
Not sure what the OP was referring to by "-On both sides I ran in administrator mode "winvnc -installdriver"" I didn't need to do any of that to get it working under Windows.
This solution worked for me, however, for some strange reason I was getting only view level access when I entered the encryption pass phrase (VNC and View passwords no longer worked once encryption was enabled).
It appears the solution was to remove the "Viewer" pass word from the server settings completely leaving only the VNC password. I then logged in to the server from the client with the pass phrase when prompted and only then had control over the desktop. So, I don't know what's up with that but it appears to be working. It actually appears that you can't leave the password fields blank as the next time you open the server settings the passwords are back in the fields. Weird, I don't know what actually fixed it then.
Currently I'm connecting with encryption enabled on both client and server using the pass phrase and all seems to be working good. Perhaps it's just the encryption plugin is a bit quirky.
Any thoughts or suggestions would be welcome.
Also, is it really necessary to use a pass phrase once the security keys are in the right place, I thought the encryption key would be enough no matter what I've tried I have to enter the pass phrase every time to log in, is that normal?
This solution worked for me, however, for some strange reason I was getting only view level access when I entered the encryption pass phrase (VNC and View passwords no longer worked once encryption was enabled).
It appears the solution was to remove the "Viewer" pass word from the server settings completely leaving only the VNC password. I then logged in to the server from the client with the pass phrase when prompted and only then had control over the desktop. So, I don't know what's up with that but it appears to be working. It actually appears that you can't leave the password fields blank as the next time you open the server settings the passwords are back in the fields. Weird, I don't know what actually fixed it then.
Currently I'm connecting with encryption enabled on both client and server using the pass phrase and all seems to be working good. Perhaps it's just the encryption plugin is a bit quirky.
Any thoughts or suggestions would be welcome.
Also, is it really necessary to use a pass phrase once the security keys are in the right place, I thought the encryption key would be enough no matter what I've tried I have to enter the pass phrase every time to log in, is that normal?
Last edited by rfxcasey on 2025-02-16 19:38, edited 10 times in total.