[K12OSN] VNC (Virtual Network Computing) question
Christopher K. Johnson
ckjohnson at gwi.net
Fri May 14 12:49:41 UTC 2004
daniel.hunt at iibbank.ie wrote:
>Sorry, I forgot to add that Once the port is open .... ANYONE can connect to
>that ip address on that port.
>
>So if they happen to guess your password (or know it) then it's bye bye
>server :)
>
>
My recommended best practice would be to either:
1) Tunnel your vnc connection(s) over ssh. The ssh can be configured
easily to allow only users in a specific group, and also easily
configured to permit only public/private key based authentication so you
can reliably control who can use the connection by deploying your own
public key there.
2) Configure network-to-network or host-to-host ipsec VPN to protect the
vnc and other communication in transit. This can be done very easily if
you have systems running a 2.6 kernel.
--
-----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
More information about the K12OSN
mailing list