如何在linux中的tigervnc中添加X509证书TLS加密？

Question

来自x0vncserver手册页

-SecurityTypes sec-types
    Specify which security scheme to use for incoming connections. Valid values are a comma separated list of None, VncAuth, Plain, TLSNone, TLSVnc, TLSPlain, X509None, X509Vnc and X509Plain. Default is VncAuth,TLSVnc.

−X509Cert path

Path to a X509 certificate in PEM format to be used for all X509 based security types (X509None, X509Vnc, etc.).

−X509Key path

Private key counter part to the certificate given in X509Cert. Must also be in PEM format.

−GnuTLSPriority priority

GnuTLS priority string that controls the TLS sessionâs handshake algorithms. See the GnuTLS manual for possible values. Default is NORMAL.

所以基本上你必须设置然后在和-SecurityTypes X509...中提供你的证书和私钥的路径。设置GnuTLS 优先级。-X509Cert-X509Key-GnuTLSPriority

可能的 GnuTLS 优先级是详尽的，因为有很多密码套件。读自GnuTLS 文档

抱歉：我不确定这是否是正确的答案，因为它未经测试，而且我从未使用过 VNC 的 X509 证书（好吧，我的网络浏览器会为我读取它们）。评论里看起来太笨拙了。

Answer 1

来自x0vncserver手册页

-SecurityTypes sec-types
    Specify which security scheme to use for incoming connections. Valid values are a comma separated list of None, VncAuth, Plain, TLSNone, TLSVnc, TLSPlain, X509None, X509Vnc and X509Plain. Default is VncAuth,TLSVnc.

−X509Cert path

Path to a X509 certificate in PEM format to be used for all X509 based security types (X509None, X509Vnc, etc.).

−X509Key path

Private key counter part to the certificate given in X509Cert. Must also be in PEM format.

−GnuTLSPriority priority

GnuTLS priority string that controls the TLS sessionâs handshake algorithms. See the GnuTLS manual for possible values. Default is NORMAL.

所以基本上你必须设置然后在和-SecurityTypes X509...中提供你的证书和私钥的路径。设置GnuTLS 优先级。-X509Cert-X509Key-GnuTLSPriority

可能的 GnuTLS 优先级是详尽的，因为有很多密码套件。读自GnuTLS 文档

抱歉：我不确定这是否是正确的答案，因为它未经测试，而且我从未使用过 VNC 的 X509 证书（好吧，我的网络浏览器会为我读取它们）。评论里看起来太笨拙了。

如何在linux中的tigervnc中添加X509证书TLS加密？

答案1

相关内容