> You can't do this. That's kind of the point about SSH tunnels. If
> you could set them up automatically, they would be completely
> ineffective at authentication.
>
> Tim.
But these are two different things. Authentication is one thing. But
encrypting network traffic the other. I have no deep understanding of SSH. But as
long as I can open the SSH client, type in the destination address and all the
tunneling parameters, connect and just give a password, why can't I automate
this? Of course, I would need to give the password manually. One could think
about a private key without password - I don't know wether this is good to
do?
One could use the same password for SSH and VNC. So no need to give two
passwords...
I just have the idea that developing VNC's own encryption is somehow
redundant SSH developers are specialized in it. Using their libraries could
eliminate that partially. But again, I am not an expert on this. My question simply
is, is it really the job of a user's application to provide encryption or
isn't it somehow the OS's. The person who started this thread wrote about a thin
layer. This could be interesing of course... until we have, finally, finally,
finally a means to connect securely over the network without the need to
reinvent encryption.
The great thing about SSH is, in my opinion, that it is extremly flexible.
It is so easy to tunnel! It looks to me like tunneling at will everywhere. I
am using a command-line version of ssh on NT. If I want to make a VNC
connection, I just double click on the batch file, starting ssh using a private key
without password, connecting, setting up the tunnels and finally start the VNC
viewer.
I at least thought that this gives me an encrypted connection. For web
access I am using MindBright Java applet, connect, tunnel and click on the link
that I've put besides the applet which opens a new browser window with
http://localhost:580x. For web access I need to click some more times and enter the
password for the SSH and the password for VNC.
Working like this is easy. Setting it up is a little more work. Now having a
setup for VNC to do this would be nice. Especially for new users. But of
course, this just works for this direction of connection. I did not think about
multiple VNC screens or reverse connecting multiple remote viewers etc.
Thomas
--
Sent through GMX FreeMail - http://www.gmx.net
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
