Security Basics mailing list archives
Re: vnc through ssh for windows
From: SMiller () unimin com
Date: Fri, 10 Dec 2004 09:17:12 -0500
You might want to look at iTivity (http://www.tridia.com), which is another commercial product that is originally a descendant of AT&T vnc. I am currently using Tridia's VNCPro product on clients, and their Internet Access Server for connections from and to NAT address machines (you do not need a VPN service if you have this). This has been working marvelously since May. iTivity will take this one step further in that the hosts will run agents downloaded from a web server, eliminating the need for client installs. iTivity is also priced by live connection, i.e. one host and one support computer equal two connections. Caveat - I have purchased iTivity but not yet deployed it, but I am very optimistic it will run with few hassles. This model may not be right for everyone, but it fits our support needs to a "T". Scott Miller NoSpam <nospam () dranem or g> To security-basics () securityfocus com 12/03/2004 11:37 cc PM Fax to Subject vnc through ssh for windows Michael Puchol wrote:
Hi, Just make sure you are talking about the Enterprise version of RealVNC, which does have AES, and authentication of server and viewer. The standard VNC protocol is non-encrypted, and the password security is laughable. In TightVNC implementations you type a password over 8 characters at the
server
configuration, and you are nicely reminded that only the first 8
characters
will be used anyway. I run TightVNC over SSH2, which benefits from the extra compression the tunnel provides. I use strong auth at the SSH2 stage, with other filtering added at lower layers, so it's pretty safe that way. Best regards, Mike ----- Original Message ----- From: "Stephane Auger" <stephaneauger () pre2post com> To: "Brian Bemis" <brian_bemis () hotmail com>; <security-basics () securityfocus com> Sent: Wednesday, December 01, 2004 8:46 PM Subject: RE: pcAnywhere question Hi, I'm using Remote Desktop to manage my Windows XP clients and Windows 2000/2003 servers. It runs pretty good, but we have VPNs set up for when we connect. The encryption in Terminal Services, in my opinion, is good but a VPN's always the best solution, and adds almost no overhead. A second nice solution is VNC (www.realvnc.com), which projects the desktop as if you were locally connected, unlike Terminal Services which is a remote session. I usually have both enabled. That way, I used remote desktop, and if I need to do something "locally", or TS crashes, VNC's available as a backdoor. VNC also has encryption and password protection.
How is the setup on a windows box setup? with ssh as the transport????? for Either PCAnywhere or VNC [any flavour] with ssh as the transport????? I assume it needs to be piped through something like cygwin/ssh???? any pointers appreciated for all OSes but windows specificaly windows 98/2k/xp/server & linux/unix/mac osx [os9 unlikely] Have not found a good recipe so far ;-{ Thanks nospam don't change the email address it works..
Current thread:
- RE: pcAnywhere question Brian Bemis (Dec 01)
- <Possible follow-ups>
- RE: pcAnywhere question Trevor Cushen (Dec 01)
- Re: pcAnywhere question Travis Foley (Dec 02)
- RE: pcAnywhere question Stephane Auger (Dec 02)
- Re: pcAnywhere question Michael Puchol (Dec 03)
- vnc through ssh for windows NoSpam (Dec 06)
- Re: vnc through ssh for windows Michael Puchol (Dec 07)
- Re: vnc through ssh for windows SMiller (Dec 10)
- Re: pcAnywhere question Michael Puchol (Dec 03)
- RE: pcAnywhere question Eric McCarty (Dec 02)