On Wed, May 14, 2008 at 1:02 PM, Anders Johansson
On Wednesday 14 May 2008 21:57:59 John Andersen wrote:
Since its password protected with no known vulnerabilities in the wild the risk is rather minimal.
One known: the password is transmitted in clear text, and so is the whole connection, which means if you su to root (for example), the root password is easily read by anyone with access to a router along the way
NX is better for going across the internet, since it's tunneled over ssh. Normal vnc is really only for a local LAN
Password is not transmitted at all. http://www.vnc.com/support/faq.html#security (assuming Krdc follows the protocol). But you are correct, the session is cleartext. Still, ssh makes so much more sense, which is why I suggested it. It takes very little more to run Krdc thru a ssh tunnel if you have to look at the remote desktop in real time to help a user. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org