0
stark2012
13.06.14
✎
15:18
|
Поставил последнюю Ubuntu, пытаюсь зайти по VNC, появляется следующая ошибка:
Unable to connect to VNC Server using your chosen security setting. Either upgrade VNC Server to a more recent version from RealVNC, or select a weaker level of encryption.
Удалось выяснить что в данной версии VNC не будет работать с включенным шифрованием.
Вопрос, как отключить шифрование в Ubuntu 14.04
Спасибо
|
|
2
DjSpike
13.06.14
✎
17:09
|
vencrypt mode
The VeNCrypt extension to the VNC protocol allows
encrypted SSL/TLS connections. If the -ssl mode is enabled, then VeNCrypt is enabled as well BY DEFAULT (they both use a SSL/TLS tunnel, only the protocol handshake is a little different.)
To control when and how VeNCrypt is used, specify the
mode string. If mode is "never", then VeNCrypt is not used. If mode is "support" (the default) then VeNCrypt is supported. If mode is "only", then the similar and older ANONTLS protocol is not simultaneously supported. x11vnc's normal SSL mode (vncs://) will be supported under -ssl unless you set mode to "force".
If mode is prefixed with "nodh:", then Diffie Hellman
anonymous key exchange is disabled. If mode is prefixed with "nox509:", then X509 key exchange is disabled.
To disable all Anonymous Diffie-Hellman access
(susceptible to Man-In-The-Middle attack) you will need to supply "-vencrypt nodh:support -anontls never" or "-vencrypt nodh:only"
If mode is prefixed with "newdh:", then new Diffie
Hellman parameters are generated for each connection (this can be time consuming: 1-60 secs; see -dhparams below for a faster way) rather than using the fixed values in the program. Using fixed, publicly known values is not known to be a security problem. This setting applies to ANONTLS as well.
Long example: -vencrypt newdh:nox509:support
Also, if mode is prefixed with "plain:", then
if -unixpw mode is active the VeNCrypt "*Plain" username+passwd method is enabled for Unix logins. Otherwise in -unixpw mode the normal login panel is provided.
You *MUST* supply the -ssl option for VeNCrypt to
be active. The -vencrypt option only fine-tunes its operation.
|
|