TigerVNC + SSH without a VNC Password?

ssh password linux vnc rhel6

I have a RHEL 6 system with TigerVNC installed. It is configured to only allow VNC connections through SSH. Thus, a user can only connect to VNC if they successfully establish an SSH connection to the system.

However, despite the SSH requirement, a user must still run the vncpasswd command and create a VNC password. Isn't this password redundant since an SSH tunnel is required and must already be established?

Thus, my question is: Can you disable the TigerVNC server's requirement for a VNC Password if it will only listen on an SSH tunnel? (Assuming that the password is actually redundant)

Thank You

EDIT: I have a theory. Is the reason why it is not redundant because once you SSH in, you can then VNC into any VNC user's account?


Solution 1:

From the TigerVNC manual. man Xvnc

-SecurityTypes sec-types
    Specify  which  security  schemes to use separated by commas.  At present only "None" and "VncAuth" are supported.  The default is "VncAuth" - note that if you want a server which does not require a password, you must set this parameter to "None".

So -SecurityTypes None on the server is the correct answer to your question. I have tested it, and it does work.

Running vncserver -SecurityTypes None will let users connect to the VNC session without a password even if a password is setup.

Related

Applying a GPO to one user on one computer only
Why does my CentOS logrotate run at random times?
Amplified reflected attack on DNS servers
Why are only 16 GB of memory usable on our server?
Suddenly, shutdown command can't be found anymore
Why is FileZilla so much faster than PSFTP?
Bad ssh config on remote server. Cannot login in
disable maximum password length on Windows Server [closed]
Changing A record and CNAME records
What is the best way to find Conficker infected PCs in company networks remotely?
What to check if 'pinging' doesn't work?
How can I prevent a scheduled task from running if the same task is already running?