@Holger: yes --- I just noticed it too. I humbly suggest that Canonical or Redhat help the vino developers to add a more common encryption type to the vino server. It is the default (and the facto only) remote vnc server in our system, and in its current state forces everyone to connect **in clear** on the local network. All what you type is sent as is.
I have worked around it wrapping the thing in a SSH tunnel, but still, it's sensible to local attacks and I think it's not a solution for the average user. @Sebastian, I am not sure if this is a security thing --- after all, before the switch, all the connections were silently made without encryption, but it's scary nevertheless --- sniffing for traffic on port 5900 is easy enough. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to vino in Ubuntu. https://bugs.launchpad.net/bugs/1281250 Title: VNC accessible for Windows machines only with encryption disabled Status in GNOME Remote Desktop: Confirmed Status in “vino” package in Ubuntu: Triaged Status in “vino” source package in Trusty: Triaged Status in “vino” package in Fedora: Unknown Bug description: Since a recent update, it is impossible to connect to my Ubuntu box using VNC from a Windows machine unless I disable encryption on the vino server. I tested up-to-date tightVNC client and TigerVNC client on the Windows machine, with the same result. As soon I try to connect, I receive the following error: [ 5872/ 6448] 2014-01-20 12:11:18:247 List of security type is read [ 5872/ 6448] 2014-01-20 12:11:18:247 : Security Types received (1): Unknown type (18) [ 5872/ 6448] 2014-01-20 12:11:18:247 Selecting auth-handler [ 5872/ 6448] 2014-01-20 12:11:18:247 + RemoteViewerCore. Exception: No security types supported. Server sent security types, but we do not support any of their. So it seems that the update changed the security type of vino to a new one. I searched for a way to go back to the old one (until the clients catches up) with no avail. A solution is disabling the encryption completely, by gsettings set org.gnome.Vino require-encryption false ...but this is subotpimal. Is there a way to switch the encryption back to the old one? To manage notifications about this bug go to: https://bugs.launchpad.net/vino/+bug/1281250/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
