Hi Harry, That signature key is in the msdn documentation and needs to be used to sign the standard RDP RSA bits. http://msdn.microsoft.com/en-us/library/cc240776.aspx The MS client will error out with a security error if it's not signed right. MS did a poor job on this part of security and the signature is really only used as a hash to make sure the client got the RSA bits ok.
We're moving to TLS encryption in xrdp now and this is almost working in devel branch. TLS encryption is a more industry standard way to encrypt the RDP traffic. Jay On Wed, Aug 20, 2014 at 3:54 PM, Harry Johnston <ha...@waikato.ac.nz> wrote: > On 19 August 2014 09:09, Jonathan Buzzard <jonat...@buzzard.me.uk> wrote: > >> What on earth makes you think that xrdp would have the same hard coded >> RSA key in it that a Microsoft terminal server binary had in it nine >> years ago. What makes you think it has any hard coded RSA keys? > > > That would be because when I looked in the source code, it was there. > > You can compare the private key contained in keygen.c to that described in > the original advisory here: > > http://www.oxid.it/downloads/rdp-gbu.pdf > > Harry. > > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/ > _______________________________________________ > xrdp-devel mailing list > xrdp-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/xrdp-devel > ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ _______________________________________________ xrdp-devel mailing list xrdp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xrdp-devel
