Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

SecureVNC (DSM) asking for password in reverse connection

Should you have problems with the DSM plugin, here's the place to look for help or report issues
Post Reply
rattkin
8
8
Posts: 9
Joined: 2010-12-15 16:52

SecureVNC (DSM) asking for password in reverse connection

Post by rattkin »

My questions is as in topic. Could someone (possibly the author :) explain to me, what does this happen? I see some kind of inconsistency here, which I would like to understand :
  • server and client without SecureVNC, regular connection - ASKS for password - which is obvious, since access is password based.
  • server and client, without SecureVNC, reverse connection - DOESN'T ASK for password - which is a bit weird, but then again I can understand that with reverse connections and the server willingly initiating connecting, the user sharing screen, knows what he's doing and is responsible for it (is that the reason?)
  • server and client, with SecureVNC, regular connection - ASKS for password - makes sense, connection is secure but password should still be needed (though, not necessary, if you have separate certificates, I think, this should be an option to choose on server)
  • server and client, with SecureVNC, reverse connection - ASKS for password - and here's where it's weird. Why it's doing so, if it's a reverse connection, which doesn't ask for password without plugin? I understand that I can overcome this by setting whatever password and server and supply -password switch in viewer, but this doesn't feel like a "secure" workaround. I don't want the popup dialog, though. Can this be solved be some SecureVNC/UltraVNC setting?
So again, I already know the workaround, but would very much like to understand why does it work this way? Is it :
  • something related to SecureVNC which is a "bug" and can be fixed
  • something related to SecureVNC which and should remain this way because ...
  • something related to DSM architecutre, which is a "bug" and can be fixed
  • something related to DSM architecture, which was designed this way because...
For reference, I'm using 1.0.9.5 with SecureVNC embedded within (I suppose it's 2.3).
YY
200
200
Posts: 996
Joined: 2006-11-13 15:11

Re: SecureVNC (DSM) asking for password in reverse connectio

Post by YY »

rattkin wrote:[*] server and client, with SecureVNC, reverse connection - ASKS for password - and here's where it's weird. Why it's doing so, if it's a reverse connection, which doesn't ask for password without plugin?
In the original design, the DSMplugin handles the encryption, and the authentication is handled by UltraVNC server. And the original UltraVNC is designed not asking for the password in reverse connection.

This changes as the latest SecureVNC (2.3) also handles the the authentication. With it, you can set a passphase up to 128 characters length, and SecureVNC ALSO USE THE passphrase (or the native VNC password) to encrypt the handshake.

This is the reason why the viewer (even in reverse connection) now need to know the passphrase/password to establish the connection.

rattkin wrote:I don't want the popup dialog, though. Can this be solved be some SecureVNC/UltraVNC setting?
I don't see the present packages (UVNC 1095 + SecureVNC 2.3) having such setting, except you are willing to use the older UVNC (like 1.0.8.2), or the older SecureVNC (but there is only the 2.3 available at the official site, or you may download the UVNC 1.0.8.2 bin package, which have a SecureVNC 1.0 bundled)
Last edited by YY on 2011-06-18 07:40, edited 1 time in total.
rattkin
8
8
Posts: 9
Joined: 2010-12-15 16:52

Re: SecureVNC (DSM) asking for password in reverse connectio

Post by rattkin »

Ok, so this is by design. I can overcome this by supplying a password inline (it's irrelevant anyway, since the connecting person still have to possess the right key certificate), or I could force nopassword on the server, but it seems a bit overkill. SecureVNC could have an option to override the WinVNC password and allow for empty password in that dialog field.

Thanks for the answer.
redge
1000
1000
Posts: 6797
Joined: 2004-07-03 17:05
Location: Switzerland - Geneva

Re: SecureVNC (DSM) asking for password in reverse connectio

Post by redge »

something related to SecureVNC which and should remain this way because ...

this requested many time to have password for reverse connection, so you sure you are connected to good remote computer/person

this also requested many time to have password via repeater connexion
this way, not everybody can connect to an ID without password.

anyway, if key is used, could be an option without ask password for backward compatibility for some users prefer NO password authentication.
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
Post Reply