Unencrypted VNC connection

Question

Unencrypted VNC connection

msuciu opened this issue 4 years ago · comments

After I write the image on the SD card and create an empty text file named "vnc" on the root directory when I try to connect on the PI through VNC I receive the following:

The issue was found on this image_2020-05-06-ADI-Kuiper-full.

Robin Getz · Answer 1 · Tue Jun 02 2020 20:20:35 GMT+0800 (China Standard Time)

Which VNC is being used? I don't think we can distribute the default Raspberrian one, as it requires a commercial license. (I thought).

Mircea Caprioru · Answer 2 · Tue Jun 02 2020 20:31:27 GMT+0800 (China Standard Time)

we are using x11vnc it is open source, so we removed the realvnc default one just to remove that commercial license. Will investigate to see how to encrypt the connection.

Mihai Ionut Suciu · Answer 3 · Tue Jun 02 2020 20:33:13 GMT+0800 (China Standard Time)

Not so sure about that since the VNC option is not enabled into raspi-config.

Robin Getz · Answer 4 · Tue Jun 02 2020 20:57:02 GMT+0800 (China Standard Time)

Ok - thanks I confrmed on mine:

analog@analog:~ $ which x11vnc
/usr/bin/x11vnc

I think we just need to start it with the -ssl flag?

Robin Getz · Answer 5 · Tue Jun 02 2020 21:06:23 GMT+0800 (China Standard Time)

I think it gets started from either:

/etc/systemd/system/x11vnc.service
OR
/etc/systemd/system/multi-user.target.wants/x11vnc.service

Mircea Caprioru · Answer 6 · Tue Jun 02 2020 21:14:49 GMT+0800 (China Standard Time)

will try the -ssl flag

Robin Getz · Answer 7 · Tue Jun 02 2020 21:17:48 GMT+0800 (China Standard Time)

I'm pretty sure we do not want a cert generated every time (you would get a warning every time you attach), what we want is something that is created once, but is unique to each SD Card...