After more 1 000 000 (one million) views on forum for 1.5.0.x development versions... and 1.6.1.0, 1.6.3.0-dev versions
A new stable version, UltraVNC 1.6.4.0 and UltraVNC SC 1.6.4.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38095
Feedback is welcome

Celebrating the 22th anniversary of the UltraVNC (25th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38031

Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078

Development: UltraVNC development is always here... Any help is welcome.
Feedback is welcome

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

SecureVNC Plugin 2.4.0.0 info

Should you have problems with the DSM plugin? Here is the place to look for help or report issues
Post Reply
splintercode
8
8
Posts: 14
Joined: 2010-09-10 14:46

SecureVNC Plugin 2.4.0.0 info

Post by splintercode »

Hello, I need some clarifications about SecureVNC Plugin 2.4.0.0.

I have done some test, but I don't understand some elements.

- The client authentication keys, *Server_ClientAuth.pubkey and *Viewer_ClientAuth.pkey will be used by the server to authenticate the client.

OK, but usually during the creation of a pair of public/private key is recommended to use a passphrase.
UltraVNC Server during the building which passphrase will be used? Is it the same that is present on the dialog of UltraVNC Server where I can Generate Client authentication Key?
If will not be used any passphrase, how will the VncViewer verify that the private key *Viewer_ClientAuth.pkey is correct?

The contents of the *Server_ClientAuth.pubkey and *Viewer_ClientAuth.pkey has not the same format of the file generated from tools like gpg, and seems to be encrypted.
How were they built?

The RSA size affects the size of the client authentication keys that you generate, and the public key that are automatically generate by the server?.
The vncviewer client where will look for the corresponding private key?

Thank you for your patience.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6965
Joined: 2004-04-23 10:21
Contact:

Re: SecureVNC Plugin 2.4.0.0 info

Post by Rudi De Vos »

Plugin without passphrase or key: Use VNC password as part of the key:
- UltraVNC Server and Viewer exchange using DH a key

Plugin with passphrase: passphrase is used as part of the key:
- DH exchange the key

Plugin with key:
- You manual need to exchange the key, this key also act as authentication (it's like a 2024 char pass)

First, you generate a private.key

Code: Select all

openssl genrsa -des3 -out private.pem 2048
From the private key you derive a public

Code: Select all

openssl rsa -in private.pem -outform PEM -pubout -out public.pem
UltraVNC Viewer is able to verify if public is generated from private

See:
- https://www.openssl.org/docs/man1.0.2/m ... ey_ex.html
UltraVNC links (join us on social networks):
- Website: https://uvnc.com/
- Forum: https://forum.uvnc.com/
- GitHub sourcecode: https://github.com/ultravnc/UltraVNC
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
- uvnc2me: https://uvnc2me.com/
splintercode
8
8
Posts: 14
Joined: 2010-09-10 14:46

Re: SecureVNC Plugin 2.4.0.0 info

Post by splintercode »

Thank you mr. Rudi

But during the creation of the private key
>>openssl genrsa -des3 -out private.pem 2048
which passphrase is used? The same password that I typed during the creation of the public/private key, from the plugin configuration mask?

I have tried compiling the source of UltraVNC Server, indicating to the plugin via CDSMPlugin::SetPluginParams() another passphrase.
Keeping the same public and private keys of course, running the UltraVNC Viewer the connection is accepted only if I type the same passphare indicated during the call to CDSMPlugin::SetPluginParams()

So, which is the passphrase used on the creation on the public/private key?

Thanks for any clarification.
Post Reply