RFB protocol change: user name, anyone?

Wayne Throop throopw "at" sheol.org
Tue, 25 Jul 2000 18:12:24 +0000


::: "Russ Cox" <rsc "at" plan9.bell-labs.com>
::: It seems to me this would not be very hard.  Define a new protocol
::: revision (say 003.004), and if both client and server speak it, then
::: the server can send back "rfbUserNameRequest" as the first message,
::: the client responds with a string that is the user name, and then the
::: server can send the usual auth message -- rfbNoAuth or rfbVncAuth, for
::: instance. 

Well, ok, so Xvnc now has a username in hand.
But... um... what is Xvnc supposed to do with it?

It sounds like a MUCH bigger project than just to add a fribble to
the authentication negotiation.

:: Stefan Nehlsen <sn "at" admin.ltsh.de>
:: you might [] use the iXvnc-Patches

: "Russ Cox" <rsc "at" plan9.bell-labs.com>
: This is exactly the sort of thing I don't want to do. 
: [.. because it is horribly insecure ..]

So, it sounds like you want a secure login, which then starts a desktop
session, using the VNC protocol.  It really sounds to me like it would be
better done as a "wrapper" of some sort, rather than an extension to
the protocol.  That is, you don't seem to want to connect to an existing 
session; you want to create one on the fly.  In short, "secure iXvnc".

(I say again; it *seems* like a better way to do it than a protocol extension.)

Something very much like this could be done with "off the shelf" tools,
by using ssh to do the login part and establish a secure channel,
and then executing Xvnc (an enhanced Xvnc capable of one of the
kill-me-upon-logout modes) as the command.  That is

    ssh somehostorother -L 5901:localhost:5901 vnc-session :1 &
    vncviewer :1

or some such, but with much of the above left implicit.  Allowing
viewer and server to both have a -stdio switch (if they don't already)
would make this sort of thing easier, and dispense with the need
to do port forwarding.

Now, another possibility is to connect to a running session of that
username, if it exists, via a secure channel.  Sort of, use of the
username as a key to do a lookup on the appropriate port to
connect to.  But again, that seems like an issue for before 
the rfb protocol ever starts up.

So, if it were me, (in unix terms; analogous things for other cases) I'd
modify the clients/servers to allow one startup mode to be plugging
client and server together via std<in,out>, and then providing wrappers
around that capability for login, or mnemonic access to running servers,
or whatnot. 

But maybe that's just me.  My minimalist unix prejudice talking. 
Separation of function and process-granular specialization and cryptic
tools for scripting and all that.


Wayne Throop   throopw "at" sheol.org
               http://sheol.org/throopw
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
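As an added example (not part of the thread, and not code from Wayne, Russ, or any VNC distribution), here is a POSIX sh version of the ssh "wrapper" sketched above. It assumes a remote helper called `vnc-session` that starts Xvnc for the given display and exits when the session ends, and a local `vncviewer` binary; both names are placeholders. Beyond the post's one-liner it makes two things explicit that matter for the security of the setup: the local end of the forward is bound to 127.0.0.1 rather than left to ssh's default, and `ExitOnForwardFailure` makes ssh fail before the session starts if the local port is already taken, so the viewer is never pointed at whatever else happens to be listening on 5901.

```shell
#!/bin/sh
# Added example: an ssh wrapper that logs in, brings up a VNC session on
# the far side, forwards its port over the ssh channel, and attaches a
# viewer.  "vnc-session" (remote) and "vncviewer" (local) are assumed
# names, not commands from any particular VNC release.

# VNC display :N is served on TCP port 5900+N.  Accepts ":1" or "1".
vnc_port() {
    d="${1#:}"
    case "$d" in
        ''|*[!0-9]*) echo "vnc_port: bad display '$1'" >&2; return 1 ;;
    esac
    echo $((5900 + $d))
}

# Print the ssh command line (dry run) for HOST and DISPLAY.
#   -f                          background ssh only after authentication
#                               and the forward are in place, so the
#                               viewer is started once the tunnel exists
#   -o ExitOnForwardFailure=yes refuse to continue if the local port is
#                               already bound instead of silently running
#                               the session without a usable tunnel
#   -L 127.0.0.1:P:127.0.0.1:P  listen on loopback only at both ends
# The remote vnc-session helper is assumed to start Xvnc listening on the
# remote loopback only; if it listens on all interfaces the session is
# still reachable directly with nothing but VNC's own challenge-response
# in front of it, and the ssh tunnel adds no protection there.
tunnel_cmd() {
    host="$1"; disp="${2#:}"
    port=$(vnc_port "$disp") || return 1
    printf 'ssh -f -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:127.0.0.1:%s %s vnc-session :%s\n' \
        "$port" "$port" "$host" "$disp"
}

# Establish the tunnel and session, then attach the local viewer to it.
# Word splitting on $cmd is intentional: none of the arguments can
# contain whitespace.
secure_vnc() {
    host="$1"; disp="${2#:}"
    cmd=$(tunnel_cmd "$host" "$disp") || return 1
    $cmd || { echo "secure_vnc: ssh/tunnel setup failed" >&2; return 1; }
    vncviewer "127.0.0.1:$disp"
}

# Usage: secure-vnc.sh somehostorother :1
if [ $# -eq 2 ]; then
    secure_vnc "$1" "$2"
fi
```

The `-f` flag is what replaces the post's `&` and a hopeful sleep: ssh only detaches after the forward is up, so `vncviewer` is started against a port that is already connected to the far side.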