PAM support and portmapper / helper
Thu Jul 10 09:45:01 2003
Has anyone done any work on PAM authentication for VNC?
I am currently using Xvnc :2 -broadcast ... to connect to my xdmcp
server and log in. The problem comes when the link goes down, there is a
logged in session available to anyone.
1) have the vncpasswd use pam and skip xdm for authentication
2) have the session close when the connection drops, not ideal but
solves the problem.
A portmapper type system would be handy so a request is always served,
say port 5900, which then starts an Xvnc on a new port that is free, say
port 5901 - 5910 for example then asks the client to reconnect. the
5900 listener could do the auth also. Anyone who has used MS TS / RDP
will be familiar with this behaviour.
The client would need changes to accommodate this but the server will
need little alteration as a helper could be created to do auth and then
set up a new Xvnc running on the negotiated port and set up a session /
one time password.
These things may have been discussed before but i couldnt find much
reference to them in the archive