Vitali,
To the best of my knowledge, RDP5.1 is simply not a secure option, as
the private key is known (which the vbox manual explains). The below
site explains the problem in detail.
http://www.oxid.it/ca_um/topics/apr-rdp.htm
Unfortunately this means VBox will not meet my needs, as I'm fairly sure
a simple script kiddie can hijack a VRDP session.
--Brian
Vitali Pelenjow wrote:
Hi Brian,
the manual is incorrect here. Current version of VRDP server can't be
configured to supply a certificate to the client.
RDP5.1 method is used for initial RSA key exchange.
Note that 5.2 method uses a certificate only for the initial public
key exchange. Further 128 bit RC4 encryption is the same for both
methods.
Best regards,
Vitali.
Brian Embry wrote:
I'm running VirtualBox 3.1.2 on Debian Stable in a headless
configuration. I'm currently using VRDP to access my vms, however
I'm a bit concerned with the security.
According to the VBox manual vrdp section:
http://www.virtualbox.org/manual/UserManual.html#vrdp-auth
VBox supports RDP5.2, which allows the option of supplying you own CA
and server cert using OpenSSL, which is the only way to ensure a
reliable and secure connection.
I can find no information on how to configure or how to set this up
and supply your own CA cert, and configure VBox to only accept RDP5.2
communication.
I am aware of the option of ssh tunneling/port forwarding, but that
is not an option for my configuration.
--Brian
_______________________________________________
vbox-users mailing list
[email protected]
http://vbox.innotek.de/mailman/listinfo/vbox-users
_______________________________________________
vbox-users mailing list
[email protected]
http://vbox.innotek.de/mailman/listinfo/vbox-users
