
"SingleSignOn" via xrdp and unix auth

Open hawkeyexp opened this issue 4 years ago • 2 comments

I'm trying to release the following:

Login via RDP to xrdp -> local connection to x11vnc with auth via -unixpw, accessing the running session on :0. For unixpw, the credentials delivered from the RDP session (client) should be used. I only manage to reach the second (black) login window; the login name is not visible and input starts at the password line.

Is this a bug, or how can I fix it?

Code:

x11vnc start params:

x11vnc -xkb -noxrecord -noxfixes -noxdamage -display :0 -auth /var/run/lightdm/root/:0 -loop -forever -ncache 10 -noipv6 -o /var/log/x11vnc.log -unixpw

xrdp.ini:

[Globals]
; xrdp.ini file version number
ini_version=1

; fork a new process for each incoming connection
fork=true
; tcp port to listen
port=3389
; 'port' above should be connected to with vsock instead of tcp
use_vsock=false
; regulate if the listening socket use socket option tcp_nodelay
; no buffering will be performed in the TCP stack
tcp_nodelay=true
tcp_keepalive=true

security_layer=negotiate
crypt_level=high
certificate=
key_file=
ssl_protocols=TLSv1.2, TLSv1.3

autorun=X11vnc

allow_channels=true
allow_multimon=true
bitmap_cache=true
bitmap_compression=true
bulk_compression=true
max_bpp=32
new_cursors=true
use_fastpath=both

blue=009cb5
grey=dedede

ls_top_window_bg_color=009cb5
ls_width=350
ls_height=430
ls_bg_color=dedede
ls_logo_filename=
ls_logo_x_pos=55
ls_logo_y_pos=50
ls_label_x_pos=30
ls_label_width=65
ls_input_x_pos=110
ls_input_width=210
ls_input_y_pos=220
ls_btn_ok_x_pos=142
ls_btn_ok_y_pos=370
ls_btn_ok_width=85
ls_btn_ok_height=30
ls_btn_cancel_x_pos=237
ls_btn_cancel_y_pos=370
ls_btn_cancel_width=85
ls_btn_cancel_height=30

[Logging]
LogFile=xrdp.log
LogLevel=DEBUG
EnableSyslog=true
SyslogLevel=DEBUG

[Channels]
rdpdr=true
rdpsnd=true
drdynvc=true
cliprdr=true
rail=true
xrdpvr=true
tcutils=true

[X11vnc]
name=console
lib=libvnc.so
username=asksame
password=asksame
ip=127.0.0.1
port=5900
xserverbpp=16
delay_ms=0

xsesman.ini:

;; See `man 5 sesman.ini` for details

[Globals]
ListenAddress=127.0.0.1
ListenPort=3350
EnableUserWindowManager=false
; Give in relative path to user's home directory
UserWindowManager=startwm.sh
; Give in full path or relative path to /etc/xrdp
DefaultWindowManager=startwm.sh
; Give in full path or relative path to /etc/xrdp
ReconnectScript=reconnectwm.sh

[Security]
AllowRootLogin=false
MaxLoginRetry=4
TerminalServerUsers=tsusers
TerminalServerAdmins=tsadmins
; When AlwaysGroupCheck=false access will be permitted
; if the group TerminalServerUsers is not defined.
AlwaysGroupCheck=true

[Sessions]
;; X11DisplayOffset - x11 display number offset
; Type: integer
; Default: 10
X11DisplayOffset=10

;; MaxSessions - maximum number of connections to an xrdp server
; Type: integer
; Default: 0
MaxSessions=50

;; KillDisconnected - kill disconnected sessions
; Type: boolean
; Default: false
; if 1, true, or yes, kill session after 60 seconds
KillDisconnected=false

;; DisconnectedTimeLimit - when to kill idle sessions
; Type: integer
; Default: 0
; if not zero, the seconds before a disconnected session is killed
; min 60 seconds
DisconnectedTimeLimit=0

;; IdleTimeLimit (specify in second) - wait before disconnect idle sessions
; Type: integer
; Default: 0
; Set to 0 to disable idle disconnection.
IdleTimeLimit=0

;; Policy - session allocation policy
; Type: enum [ "Default" | "UBD" | "UBI" | "UBC" | "UBDI" | "UBDC" ]
; Default: Xrdp:<User,BitPerPixel> and Xvnc:<User,BitPerPixel,DisplaySize>
; "UBD" session per <User,BitPerPixel,DisplaySize>
; "UBI" session per <User,BitPerPixel,IPAddr>
; "UBC" session per <User,BitPerPixel,Connection>
; "UBDI" session per <User,BitPerPixel,DisplaySize,IPAddr>
; "UBDC" session per <User,BitPerPixel,DisplaySize,Connection>
Policy=Default

[Logging]
LogFile=xrdp-sesman.log
LogLevel=DEBUG
EnableSyslog=1
SyslogLevel=DEBUG

;
; Session definitions - startup command-line parameters for each session type
;

[Xorg]
; Specify the path of non-suid Xorg executable. It might differ depending
; on your distribution and version. The typical path is shown as follows:
;
; Fedora 26 or later    :  param=/usr/libexec/Xorg
; Debian 9 or later     :  param=/usr/lib/xorg/Xorg
; Ubuntu 16.04 or later :  param=/usr/lib/xorg/Xorg
; Arch Linux            :  param=/usr/lib/xorg-server/Xorg
; CentOS 7              :  param=/usr/bin/Xorg or param=Xorg
;
param=/usr/lib/xorg/Xorg
; Leave the rest of the parameters as-is unless you understand what will happen.
param=-config
param=xrdp/xorg.conf
param=-noreset
param=-nolisten
param=tcp
param=-logfile
param=.xorgxrdp.%s.log

[Xvnc]
param=Xvnc
param=-bs
param=-nolisten
param=tcp
param=-localhost
param=-dpi
param=96

[Chansrv]
; drive redirection, defaults to xrdp_client if not set
FuseMountName=thinclient_drives

[SessionVariables]
PULSE_SCRIPT=/etc/xrdp/pulse/default.pa

This way, the first login attempt fails, and on the second try, where I can enter user and password, it works fine.

hawkeyexp, Dec 20 '20 12:12

I have the same problem.

In the documentation it is mentioned that:

If the first character received is "Escape" then the unix username will not be displayed after "login:" as it is typed. This could be of use for VNC viewers that automatically type the username and password.

But no way to correct it is presented. Any help will be appreciated.

wiltonsr, Mar 03 '21 21:03

I added the -debug_keyboard option and ran more tests.

03/03/2021 18:07:06 Got connection from client 127.0.0.1
03/03/2021 18:07:06   other clients:
03/03/2021 18:07:06 Normal socket connection
03/03/2021 18:07:06 check_access: checking against full string "127.0.0.1"
03/03/2021 18:07:06 check_access: client 127.0.0.1 fullmatch matches host 127.0.0.1
03/03/2021 18:07:06 Disabled X server key autorepeat.
03/03/2021 18:07:06   to force back on run: 'xset r on' (3 times)
03/03/2021 18:07:06 incr accepted_client=1 for 127.0.0.1:37460  sock=12
03/03/2021 18:07:06 rfbUnregisterTightVNCFileTransferExtension: 1
03/03/2021 18:07:06 new client: 127.0.0.1 taking unixpw client off hold.
03/03/2021 18:07:06 Client Protocol Version 3.3
03/03/2021 18:07:06 Protocol version sent 3.3, using 3.3
03/03/2021 18:07:07 Pixel format for client 127.0.0.1:
03/03/2021 18:07:07   32 bpp, depth 24, little endian
03/03/2021 18:07:07   true colour: max r 255 g 255 b 255, shift r 16 g 8 b 0
03/03/2021 18:07:07 no translation needed
03/03/2021 18:07:07 Enabling full-color cursor updates for client 127.0.0.1
03/03/2021 18:07:07 Enabling NewFBSize protocol extension for client 127.0.0.1
03/03/2021 18:07:07 Using raw encoding for client 127.0.0.1
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9110
03/03/2021 18:07:07 # keyboard(up, 0xffe1 "Shift_L") uip=1  8.9117
03/03/2021 18:07:07 # keyboard(up, 0xffe2 "Shift_R") uip=1  8.9118
03/03/2021 18:07:07 # keyboard(up, 0xffe3 "Control_L") uip=1  8.9119
03/03/2021 18:07:07 # keyboard(up, 0xffe4 "Control_R") uip=1  8.9120
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9121
03/03/2021 18:07:07 # keyboard(up, 0xffe9 "Alt_L") uip=1  8.9123
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9124
03/03/2021 18:07:07 # keyboard(up, 0xffea "Alt_R") uip=1  8.9125
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9126
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9128
03/03/2021 18:07:07 # keyboard(up, 0xffe1 "Shift_L") uip=1  8.9129
03/03/2021 18:07:07 # keyboard(up, 0xffe2 "Shift_R") uip=1  8.9130
03/03/2021 18:07:07 # keyboard(up, 0xffe3 "Control_L") uip=1  8.9133
03/03/2021 18:07:07 # keyboard(up, 0xffe4 "Control_R") uip=1  8.9135
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9136
03/03/2021 18:07:07 # keyboard(up, 0xffe9 "Alt_L") uip=1  8.9137
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9138
03/03/2021 18:07:07 # keyboard(up, 0xffea "Alt_R") uip=1  8.9140
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9141

All these references to the keyboard in the log occur without any key having been pressed.

wiltonsr, Mar 03 '21 21:03
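
Added example, not part of the original thread or of the x11vnc project: a small Python parser for the `-debug_keyboard` lines in the log above that reports, per client connection, the first key event received and every key release that had no earlier press. The last two sample lines are constructed, and the `down` spelling for key presses is an assumption, since the posted log contains only `up` events.

```python
import re

# Line shape copied from the -debug_keyboard log posted above:
#   03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9110
# Assumption: key presses are logged as "down"; the posted log shows only "up".
KEY_RE = re.compile(
    r'^\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2} # keyboard\('
    r'(?P<dir>up|down), (?P<sym>0x[0-9a-fA-F]+) "(?P<name>[^"]*)"\)'
)
CONNECT_RE = re.compile(r'Got connection from client (?P<ip>\S+)')

# First five lines are taken from the thread; the last two are constructed.
SAMPLE_LOG = '''\
03/03/2021 18:07:06 Got connection from client 127.0.0.1
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9110
03/03/2021 18:07:07 # keyboard(up, 0xffe1 "Shift_L") uip=1  8.9117
03/03/2021 18:07:07 # keyboard(up, 0xffe3 "Control_L") uip=1  8.9119
03/03/2021 18:07:07 # keyboard(up, 0xff09 "Tab") uip=1  8.9121
03/03/2021 18:07:09 # keyboard(down, 0x61 "a") uip=1  10.1000
03/03/2021 18:07:09 # keyboard(up, 0x61 "a") uip=1  10.1500
'''

def orphan_releases(log_text):
    """Group key events by connection; list releases with no matching press."""
    sessions, pressed = [], set()
    for line in log_text.splitlines():
        line = line.strip()
        conn = CONNECT_RE.search(line)
        if conn:  # a new client resets the pressed-key state
            sessions.append({"client": conn["ip"], "first": None,
                             "events": 0, "orphans": []})
            pressed = set()
            continue
        key = KEY_RE.match(line)
        if not key or not sessions:
            continue
        cur = sessions[-1]
        cur["events"] += 1
        if cur["first"] is None:
            cur["first"] = (key["dir"], key["name"])
        sym = int(key["sym"], 16)
        if key["dir"] == "down":
            pressed.add(sym)
        elif sym in pressed:
            pressed.remove(sym)
        else:  # release without a press seen on this connection
            cur["orphans"].append(key["name"])
    return sessions

if __name__ == "__main__":
    for s in orphan_releases(SAMPLE_LOG):
        print(s["client"], "first:", s["first"], "orphan releases:", s["orphans"])
```
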