Celebrating the 22th anniversary of the UltraVNC: https://forum.uvnc.com/viewtopic.php?t=38031
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

VNC-Server: Handling of encrypted passwords

Any features you would like to see in UltraVNC? Propose it here
Post Reply
buggybunny
8
8
Posts: 9
Joined: 2007-05-08 14:41

VNC-Server: Handling of encrypted passwords

Post by buggybunny »

Hey folks,

i searched the forum but there seems to be no similar request:

Is it planned to extend the VNC-Server in a way that it can handle encrypted passwords?

The course of event could be as follows:

-> There is a flag in the servers configuration that tells the server that by default all transmitted passwords are encrypted
-> The server knows where the decryption key on the local filesystem resides
-> Server decrypts the password with the key
-> Checks wether password is correct and does the rest of the stuff needed to initiate the VNC session

Background of this question:

I have a special customer setup, in which the employees of our customers connect to the VNC-servers via a portal application.
It is a request of our customer that the employees may connect to the server, but they shall NOT know the passwords for the VNC-servers (passwords should be handled by our portal application). In the future, our portal application would provide the employees with an encrypted password, which is then decrypted by the server.

So, what do you say?...... :wink:

P.S.:

Please note that DSM-Plugins do NOT solve this problem.....
UltraSam
Admin & Developer
Admin & Developer
Posts: 462
Joined: 2004-04-26 20:55
Contact:

Re: VNC-Server: Handling of encrypted passwords

Post by UltraSam »

Not planned...

But if you have access to the code and DB of your portal application I don't see why we would need to do what you describe. Tell me if I'm missing something:

1. All the VNC servers passwords are stored somewhere in your portal Database (not far from the users table)

2. A user authentifies himself on your portal, whith whatever login/password system you want (stored encrypted (or hashed) in your DB), then select the VNC server if required.

3. The portal runs the Ultra vncviewer with the selected VNC server password found in the DB, using the following syntax:

vncviewer.exe serverAdr -password TheServerPasswordTookFromPortalDB

This way, the users only have to know their own personal Login/password and never see the UltraVNC servers passwords.
UltraSam
Post Reply