[
https://issues.apache.org/jira/browse/GUACAMOLE-414?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16525344#comment-16525344
]
Brian Saltzman commented on GUACAMOLE-414:
------------------------------------------
I've found TLS without Auth works as well. +257 TLSNone TLS encryption with no
authentication, see below. I've tested this and it ignores the VCN password
completely but does make a stable VNC connection. I'll leave this running
allnight and let you know if it fails but it seemed to run for hours already
with no issues.
[https://www.mail-archive.com/[email protected]/msg00256.html]
h1. [VeNCrypt security type
specification|https://www.mail-archive.com/[email protected]&q=subject:%22%5C%5Brfbproto%5C%5D+VeNCrypt+security+type+specification%22&o=newest]
The VeNCrypt security type is a generic authentication method which
+encapsulates multiple authentication subtypes. Every VeNCrypt subtype
+creates TLS stream so all VNC traffic is encrypted.
After VeNCrypt security type is selected server sends the highest
+version of VeNCrypt it can support. Although two versions exist, 0.1
+and 0.2, this document describes only newer version 0.2.
( VeNCrypt 0.2 is supported in Guac 9.14 )
...
+Following VeNCrypt subtypes are defined in this document:
+
+=============== =============== =======================================
+Code Name Description
+=============== =============== =======================================
+257 TLSNone TLS encryption with no authentication
+258 TLSVnc TLS encryption with VNC authentication
+260 X509None X509 encryption with plain password
+261 X509Vnc X509 encryption with VNC authentication
+=============== =============== =======================================
here are the Logs created in .vnc folder:
SConnection: Client requests security type VeNCrypt(19)
Wed Jun 27 15:22:03 2018
SVeNCrypt: Client requests security type TLSNone (257)
here is Xvnc Process running:
/usr/bin/Xvnc :1 -securitytypes vncauth,TLSNone -auth /headless/.Xauthority
-desktop 0f37ec4c1f4c:1 () -fp catalogue:/etc/X11/fontpath.d -geometry 1024x768
-pn -rfbauth /headless/.vnc/passwd -rfbport 5901 -rfbwait 30000
> Certain VNC servers result in disconnection due to TLS errors
> -------------------------------------------------------------
>
> Key: GUACAMOLE-414
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-414
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-server, guacd
> Affects Versions: 0.9.13-incubating, 0.9.14
> Environment: unRAID 6.4rc9 Docker container
> Reporter: Jason Bean
> Priority: Minor
>
> Connecting to certain VNC servers such as Ubuntu Desktop (all versions I have
> ever run) and a CentOS based Browser Docker
> ([https://hub.docker.com/r/consol/centos-xfce-vnc/]) cause frequent TLS
> errors and consequently disconnections. The errors in the log are as follows:
> {noformat}
> Oct 12 14:54:59 2004ff6050af guacd[8440]: Error reading from TLS: The TLS
> connection was non-properly terminated..
> Oct 12 14:54:59 2004ff6050af guacd[8440]: read (4: Interrupted system call)
> Oct 12 14:54:59 2004ff6050af guacd[8440]: Error handling message from VNC
> server.
> Oct 12 14:54:59 2004ff6050af guacd[8440]: Internal VNC client disconnected
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
