Adam J. Bradley wrote:
Hi all,
I've been searching for an implementation of VNC which uses either PAM or Kerberos as its authentication method in order to provide single sign-on to Xvnc server sessions.
If it is for Xvnc, I'd remove the vnc-security and use the unix account by means of xdmcp. See http://www.sourcecodecorner.com/articles/vnc/linux.asp for some details.
This setup provides single-use vnc-sessions: only the one that connects can access, because the port that is actually used is changed by inetd (and the used Xvnc option) And once the connection between the viewer and the server is lost, the server is killed by inetd. Hence no stale vnc-sessions.
Is this facility available/possible/desireable. I'd be happy to kick off a project to get this going as I've been learning a lot about Kerberos and PAM in recent times!
If you start using kerberos, I think security is an issuse. VNC is not made for security, you need to tunnel it trough a vpn or trough ssh or such to make it secure.
If it is for authenticating-ease (the same account everywhere), the inetd solution is suitable, it also adds ease of configuration for the users (none at all)
CBee _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
