Here is the motivation: we had a machine broken into because of a vulnerability in vncserver. This, plus the issue of unencrypted channel, brought me to tighten up security by requiring that users will be obliged to use SSH tunnels.
The problem is that as long as the server (either vnc, vino) listens on INADDR_ANY one cannot force such policy (note that with SSH tunnels the server need not listen on anything other than localhost). Therefore even if I had set the SSH channel for that instance of the server (through which someone got in), it wouldn't have helped in the event of a server vulnerability. Forcing localhost only prevents any sort of remote exploit of the service (assuming, of course, SSH is safe ...) (note that it is possible to tell vncserver to listen localhost only, but only by a command line switch, thus depending on the good will of the user; I wish there was - in vnc and vino - a way to set that option system wide - e.g. via /etc/vnc.conf).

-- 
vino listen on all addresses
https://launchpad.net/bugs/54312

-- 
ubuntu-bugs mailing list
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
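The point of the report is that a VNC server bound to INADDR_ANY is reachable by every remote host whether or not users go through the SSH tunnel, while one bound to 127.0.0.1 is only reachable through a tunnel (for example `ssh -L 5901:localhost:5901 user@host`, with the server started with TightVNC-style `vncserver -localhost`). An administrator who cannot yet enforce that system-wide can at least detect violations. The following audit script is an added example, not part of the bug report or of the vino or vnc projects: it reads `ss -ltn`-style listener lines (the sample embedded below is constructed, including the process names and pids) and reports VNC display ports (5900-5999) that are bound to anything other than a loopback address.

```shell
#!/bin/sh
# Added example (not from the bug report): flag VNC listeners bound to all
# interfaces instead of loopback. Input lines have the shape of `ss -ltnH`
# output: State Recv-Q Send-Q Local-Address:Port Peer-Address:Port Process.

# Return 0 when a local address:port is loopback-only, 1 otherwise.
# INADDR_ANY shows up as 0.0.0.0:PORT, *:PORT or [::]:PORT and is not loopback.
is_loopback() {
  case "$1" in
    127.*:*|\[::1\]:*|localhost:*) return 0 ;;
    *) return 1 ;;
  esac
}

# Read ss-style lines on stdin; print the local address:port of every LISTEN
# socket on a VNC display port (5900-5999) that is not loopback-only.
exposed_vnc_listeners() {
  while read -r state recvq sendq local peer rest; do
    [ "$state" = "LISTEN" ] || continue
    port=${local##*:}
    case "$port" in
      59[0-9][0-9]) ;;      # VNC display ports 5900-5999
      *) continue ;;        # anything else (sshd etc.) is out of scope
    esac
    if ! is_loopback "$local"; then
      printf '%s\n' "$local"
    fi
  done
}

# Constructed sample (not a real capture): one Xvnc on all interfaces, one
# Xvnc started with -localhost, vino on *:5900, and sshd for contrast.
SAMPLE='LISTEN 0 5 0.0.0.0:5901 0.0.0.0:* users:(("Xvnc",pid=1001,fd=3))
LISTEN 0 5 127.0.0.1:5902 0.0.0.0:* users:(("Xvnc",pid=1002,fd=3))
LISTEN 0 128 *:5900 *:* users:(("vino-server",pid=1003,fd=4))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=1004,fd=3))'

# Number of exposed VNC listeners in the sample (expected: 2).
count_exposed() {
  printf '%s\n' "$SAMPLE" | exposed_vnc_listeners | wc -l | tr -d ' '
}

# Run against the constructed sample when executed directly.
printf '%s\n' "$SAMPLE" | exposed_vnc_listeners
# On a live host: ss -ltnH | exposed_vnc_listeners
```

Run on a real host the pipeline is `ss -ltnH | exposed_vnc_listeners`; an empty result means every VNC display is tunnel-only, which is the state the report asks for. A non-empty result is the configuration the author describes, where the tunnel policy exists on paper but the service itself is still reachable from the network.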
