VNC Two Factor Authentication for Remote Administration

Share
Share

Enabling two-factor authentication for Remote Administration VNC:
Require administrators to authenticate to XVnc first, before the Gnome Login is even presented.
Your Auditors will love this!

In order to secure XVnc (launched by xinetd for Remote Administration on SLES/SLED if enabled from Yast -> Network Services -> Remote Administration), the following simple recipe can be followed:

  1. Set a VNC PasswordExecute ‘vncpasswd’

    password will being truncated to 8 characters, so stick to a 8 character password.

  2. Configure xinetdRun:

    vi /etc/xinetd.d/vnc

    Edit line “user=” from nobody to root (or change the password file’s ownership to Nobody)

    At the end of server args enter the following: “-rfbauth /root/.vnc/passwd”

  3. Restart xinetdRun:

    rcxinetd restart

  4. Test by establishing a VNC session to SLESSERVERIP:1

vncpassword

If you did all the above, VNC should ask you to authenticate the session, even before getting a Gnome Login

Written for netcb by Peter van der Walt

Share
(Visited 1 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *

No comments yet

8,625 views