[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
** Changed in: vino Status: Invalid => Expired ** Changed in: vino Importance: Unknown => Medium -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
It would be nice to have this hidden feature return to the preferences GUI. I'd also want the avahi broadcasting limited to the same network interface (ie: local) or the option to disable avahi broadcast. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Hi Jacques, Sorry I haven't responded to Comment #17 yet. Today, I had time to test it in Karmic, and it works for me. Here is what I had to do: On the server: 1) $ sudo apt-get install openssh-server 2) Go to System > Preferences > Remote Desktop and enable the service 3) Open gconf-editor and change the value of /desktop/gnome/remote_access/network_interface = lo On the client (Option 1): 1) $ ssh -N -L 5900:localhost:5900 ubu...@10.10.10.69 2) Open Applications > Internet > Remote Desktop viewer and connect to "localhost" On the client (Option 2): 1) $ sudo apt-get install vncviewer 2) vncviewer -via ubu...@10.10.10.69 localhost:0 3) Password will be requested in the terminal and a vncviewer window will launch afterwards Both of these seemed to work for me. Can anyone report having issue using these instructions? -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Well I gave it another try, and still no joy... (on Jaunty with vino version 2.26.1-0ubuntu1) ) Connecting from a host with address (a.b.c.f) to vino server on remote a.b.c.d : ssh -L 5902:localhost:5900 a.b.c.d vinagre localhost:5902 - with network_interface = blank : works fine - with network_interface = lo : doesn't work (black screen). doesn't give any error message on host and no pop-up to accept connection on vino server side Here is the output from netstat on the vino server (sudo netstat -patn) : Connexions Internet actives (serveurs et établies) Proto Recv-Q Send-Q Adresse locale Adresse distanteEtat PID/Program name tcp0 0 127.0.0.1:5900 0.0.0.0:* LISTEN 5924/vino-server tcp0 0 0.0.0.0:22 0.0.0.0:* LISTEN 7982/sshd tcp0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3106/cupsd tcp0 0 a.b.c.d:22 a.b.c.f:58358 ESTABLISHED 7986/sshd tcp6 0 0 ::1:5900:::*LISTEN 5924/vino-server tcp6 0 0 :::22 :::*LISTEN 7982/sshd tcp6 0 0 ::1:631 :::*LISTEN 3106/cupsd tcp6 0 0 ::1:39311 ::1:5900ESTABLISHED 7994/2 tcp6 0 0 ::1:5900::1:39311 ESTABLISHED I will try again with Karmic as soon as RC is out. Cheers. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
I had a similar failure as Jacques in #10 and I found it was caused by the way I started ssh forwarding: for vino server on remote a.b.c.d, I used to run ssh -L 5902:a.b.c.d:5900 a.b.c.d Now I run ssh -L 5902:localhost:5900 a.b.c.d This works when network_interface is "lo". -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Hello Jacques, I did test the connection thru SSH and it worked successfully with the option set to "lo". Here is what I did: 1. Configure vino to only use localhost interface, as detailed in #15. 2. Connect from a host with public IP address (a.b.e.f) to vino server on remote host (a.b.c.d). Connection was tunneled using SSH. Here is the output from netstat on the vino server: Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp0 0 127.0.0.1:5900 0.0.0.0:* LISTEN tcp0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp0 0 a.b.c.d:22a.b.e.f:44168ESTABLISHED tcp6 0 0 ::1:5900:::*LISTEN tcp6 0 0 :::22 :::*LISTEN -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Hello komputes. Did you test the connection through SSH tunnel from the outside with the option set to "lo" ? (see #10 above) -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
I tested this, and it seems to work as expected. Do not be frightened that your desktop sharing is still being advertised on your network and is picked up by vinaigre (vnc client). I believe this is avahi advertising the service. I nmap'd the host and port 5900 is not exposed unless the eth0 interface is set. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
I had a short jabber talk with Jonh Wendell. It seems the option to select interface is available in the back end but not directly in vino- preferences. To set up localhost only, you have to open up gconf-editor and modify the following string value to be "lo" (without the quotes): /desktop/gnome/remote_access/network_interface @ anatoly techtonik (and anyone willing to test) - Can you test this out and make sure it works for you? I will try to test this later today. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
@ anatoly techtonik I completely agree with your statement. Keep in mind that you can simply block all ports but 22 (ssh) as a workaround. As I said in comment #8: The localhost option seems to have been removed from the project in vino 2.26.0-0ubuntu1 (Jaunty). I'm guessing they couldn't make it work properly so they just took it out. And in comments #11 & 12: As mention in the upstream bug by Jonh Wendell : "local_only preference is now obsolete. Now you are able to select a network interface which vino must listen to." The select network interface is not available (I do not see it) but when this is fixed you should should be able to say select localhost and that will block all requests from the outside. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Without an option to listen to localhost only it is impossible to securely connect to vino server through SSH tunnel. I would say Ubuntu is insecure with such kind of default client. It usually a matter of hours before you get scanned by some roaming droid that will try to break the pass next try. I do not know what is the normal rate of password probing for vino, but there are always ways to sniff you traffic, so I would raise the status to rather critical security issue. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
** Attachment added: "Cannot find "Select interface" option" http://launchpadlibrarian.net/29946152/Screenshot-Remote%20Desktop%20Preferences.png -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Jacques, I do not think gnome developers are looking to fix/patch the old version which does not work (meaning it will remain broken in 8.04, and 8.10 until end-of-life). As mention in the upstream bug by Jonh Wendell : "local_only preference is now obsolete. Now you are able to select a network interface which vino must listen to." I opened up Remote Desktop Preferences and I do not see this option in vino-preferences, part of the vino package 2.26.1 (Jaunty) or 2.26.2 (Karmic). Maybe I am missing something, but I do not know how I am able to select a network interface which vino must listen to. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Still broken for me, using ubuntu Jaunty (vino version 2.26.1-0ubuntu1) : I can confirm that when the gconf key option "desktop/gnome/remote_access/network_interface" is set to "lo" (local loopback), vino seems to listen only to localhost : sudo netstat -plutn | grep vino tcp 0 0127.0.0.1:5900 0.0.0.0:*LISTEN 4936/vino-server tcp6 0 0::1:5900 :::* LISTEN 4936/vino-server But in fact, connecting through an ssh tunnel doesn't work. And yes, the connection through ssh tunnel works when the "lo" value is removed. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
** Changed in: vino Status: Unknown => Invalid -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
the option is a gconf key option now but still there ** Changed in: vino (Ubuntu) Importance: Medium => Low ** Changed in: vino (Ubuntu) Assignee: (unassigned) => Ubuntu Desktop Bugs (desktop-bugs) -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
The localhost option seems to have been removed from the project in vino 2.26.0-0ubuntu1 (Jaunty). I'm guessing they couldn't make it work properly so they just took it out. ** Changed in: vino Importance: Unknown => Undecided ** Changed in: vino Status: Invalid => New ** Changed in: vino Bugwatch: GNOME Bug Tracker #500620 => None ** Bug watch added: GNOME Bug Tracker #500620 http://bugzilla.gnome.org/show_bug.cgi?id=500620 ** Changed in: vino Importance: Undecided => Unknown ** Changed in: vino Status: New => Unknown ** Changed in: vino Bugwatch: None => GNOME Bug Tracker #500620 -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
** Changed in: vino Status: Incomplete => Invalid -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Could this be related to Bug #228370? -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
With further testing on Intrepid, I found that this bug was still not resolved, even with John's fix of "flashing" the program (for the sake of a better term) which makes it localhost only (as seen from nstat output). The following commands were ran consecutively from the host itself as well as over ssh: [EMAIL PROTECTED]:~$ netstat -nlp | grep vino (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp6 0 0 ::1:5900:::*LISTEN 10315/vino-server unix 2 [ ACC ] STREAM LISTENING 5540710315/vino-server /tmp/orbit-ubuntu/linc-284b-0-1b22e24bb4edc [EMAIL PROTECTED]:~$ vncviewer localhost:0 vncviewer: ConnectToTcpAddr: connect: Connection refused Unable to connect to VNC server [EMAIL PROTECTED]:~$ vncviewer localhost vncviewer: ConnectToTcpAddr: connect: Connection refused Unable to connect to VNC server Then I turned the localhost option... [EMAIL PROTECTED]:~$ netstat -nlp | grep vino (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp6 0 0 :::5900 :::*LISTEN 10315/vino-server unix 2 [ ACC ] STREAM LISTENING 5540710315/vino-server /tmp/orbit-ubuntu/linc-284b-0-1b22e24bb4edc unix 2 [ ACC ] STREAM LISTENING 704130 19943/vino-preferen /tmp/orbit-ubuntu/linc-4de7-0-21908543bd579 [EMAIL PROTECTED]:~$ vncviewer localhost:0 Connected to RFB server, using protocol version 3.7 Performing standard VNC authentication Password: -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
** Changed in: vino Status: Unknown => Incomplete -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Interesting. It would be great to find what is at the root of this bug. So I did as you said on the gnome bug tracker and got the following output: === $ /usr/lib/vino/vino-server 22/10/2008 12:54:38 PM Listening for VNC connections on TCP port 5900 22/10/2008 12:54:38 PM Advertising security type: 'TLS' (18) 22/10/2008 12:54:38 PM Advertising authentication type: 'VNC Authentication' (2) 22/10/2008 12:54:38 PM Advertising security type: 'VNC Authentication' (2) 22/10/2008 12:54:49 PM Re-binding socket to listen for local VNC connections on TCP port 5900 -- ON LOCAL-ONLY ON -- 22/10/2008 12:56:10 PM Re-binding socket to listen for all VNC connections on TCP port 5900 -- ABOVE - TURNING LOCAL-ONLY OPTION OFF -- 22/10/2008 12:57:18 PM Re-binding socket to listen for local VNC connections on TCP port 5900 -- ABOVE - TURNING LOCAL-ONLY OPTION ON === Then when I run netstat I get the following: tcp6 0 0 ::1:5900:::* LISTEN 12748/vino-server Thank you for your help. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
OK, this bug is already reported upstream, let's discuss it there: http://bugzilla.gnome.org/show_bug.cgi?id=500620 komputes, please, execute the instructions I asked for in upstream bug report and paste the results there. Thanks. ** Changed in: vino (Ubuntu) Importance: Undecided => Medium Status: Confirmed => Triaged ** Also affects: vino via http://bugzilla.gnome.org/show_bug.cgi?id=500620 Importance: Unknown Status: Unknown -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
This is still an issue for me. Even though the "only accept from localhost" option is selected, I am able to connect from other nodes on the network to this one using port 5900. It does not seem to only listen to itself. As requested, here is the netstat outpout with the option on: tcp6 0 0 :::5900 :::*LISTEN 6899/vino-server and with the option off: tcp6 0 0 :::5900 :::*LISTEN 6899/vino-server As you can very well see, I am not getting the same (expected) results as you. ** Changed in: vino (Ubuntu) Status: Incomplete => Confirmed -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
As Rich commented, it works fine to me. Marking as 'incomplete' until you supply the information we asked for. ** Changed in: vino (Ubuntu) Status: New => Incomplete -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 275340] Re: Remote Desktop - "only accept from localhost" option does not work
Can you post the results of running the command netstat -nlp | grep vino Both with and without the 'Only allow local connections' set. This option works for me on my machine and I get the following: Local only: tcp6 0 0 ::1:5900:::*LISTEN 7072/vino-server All: tcp6 0 0 :::5900 :::*LISTEN 7072/vino-server The '::1' in the former line shows it is listening on the local interface (although surprisingly via IPv6) and hence should not respond to remote connections. -- Remote Desktop - "only accept from localhost" option does not work https://bugs.launchpad.net/bugs/275340 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
