What kind of /dev/urandom issue do you mean? I have executed "hexdump -C -n 800 /dev/urandom" and it seems to be generating fine random numbers (at least, visually)... Moreover, when I run vncpasswd, it returns me an OTP number... So it seems to be generating OTPs correctly. However, when I try to connect to the VNC session, the server tells me that no OTP was generated... Very weird...
Em ter., 7 de abr. de 2020 às 15:40, DRC <[email protected]> escreveu: > The OTP is stored in a root window property (VNC_OTP) on the TurboVNC X > display, but that property is ephemeral. When vncpasswd sets the root > property, the TurboVNC Server immediately reads the property, copies the > value into an internal variable, and deletes the property. > > The best way to verify the OTP value is to modify the TurboVNC Server as > follows: > > --------- BEGIN PATCH ---------- > --- a/unix/Xvnc/programs/Xserver/hw/vnc/init.c > +++ b/unix/Xvnc/programs/Xserver/hw/vnc/init.c > @@ -1380,10 +1380,22 @@ void rfbRootPropertyChange(PropertyPtr pProp) > } > > } else if ((pProp->size == MAXPWLEN) || (pProp->size == (MAXPWLEN * > 2))) { > + char passwdFullControl[MAXPWLEN + 1] = "\0"; > + char passwdViewOnly[MAXPWLEN + 1] = "\0"; > + > free(rfbAuthOTPValue); > rfbAuthOTPValueLen = pProp->size; > rfbAuthOTPValue = (char *)rfbAlloc(pProp->size); > memcpy(rfbAuthOTPValue, pProp->data, pProp->size); > + > + memcpy(passwdFullControl, rfbAuthOTPValue, MAXPWLEN); > + passwdFullControl[MAXPWLEN] = '\0'; > + rfbLog("Full control one-time password: %s\n", passwdFullControl); > + if (rfbAuthOTPValueLen / MAXPWLEN > 1) { > + memcpy(passwdViewOnly, rfbAuthOTPValue + MAXPWLEN, MAXPWLEN); > + passwdViewOnly[MAXPWLEN] = '\0'; > + rfbLog("View-only one-time password: %s\n", passwdViewOnly); > + } > } > > memset(pProp->data, 0, pProp->size); > --------- END PATCH ---------- > > > If I were a betting man, I would bet that the failing machine has an > issue with /dev/urandom. > > DRC > > On 4/7/20 9:10 AM, Rafael Guimaraes wrote: > > Hi Folks, > > > > I am having some problem on using TurboVNC with OTP in one specific > > computer. I have always used OTP and it has never let me down. However, > > in this specific computer, I ask VNC server to generate an OTP (through > > vncpasswd), it provides me a number but, when I try using it to access > > the session, VNC server tells me that no OTP was set. > > Any suggestions? Where do VNC server stores OTP? Could this be a simple > > permission issue? > > > > Cheers, > > > > Rafael Guimarães > > -- > You received this message because you are subscribed to the Google Groups > "TurboVNC User Discussion/Support" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/turbovnc-users/db34acef-4ff4-822c-ac07-039249a815b9%40virtualgl.org > . > -- You received this message because you are subscribed to the Google Groups "TurboVNC User Discussion/Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/turbovnc-users/CAMCG4__j817fsqLKLjURSBqOOU9Tud%3DTVxqBkbF2XBfxyzSuww%40mail.gmail.com.
