PAM support and portmapper / helper

Macky macky@macky.co.uk
Thu Jul 10 09:45:01 2003


Hi all,

PAM: 
Has anyone done any work on PAM authentication for VNC?

I am currently using Xvnc :2 -broadcast ... to connect to my xdmcp
server and log in. The problem comes when the link goes down, there is a
logged in session available to anyone.

Options: 
1) have the vncpasswd use pam and skip xdm for authentication
2) have the session close when the connection drops, not ideal but
solves the problem.

Portmapper: 

A portmapper type system  would be handy so a request is always served,
say port 5900, which then starts an Xvnc on a new port that is free, say
port 5901 - 5910 for example then asks the client to reconnect. the
5900  listener could do the auth also. Anyone who has used MS TS / RDP
will be familiar with this behaviour.

The client would need changes to accommodate this but the server will
need little alteration as a helper could be created to do auth and then
set up a new Xvnc running on the negotiated port and set up a session /
one time password.

These things may have been discussed before but i couldnt find much
reference to them in the archive

Comments please.

TIA

Macky