[mdlug] Disabling TightVNC Ubuntu 18.04
Carl T. Miller
carl at carltm.com
Fri Nov 6 12:22:11 EST 2020
Hey Peter,
I feel your frustration. You are right about a normal user
not being able to do admin tasks like installing software.
The bit I'm wondering about is your VPN. It's possible that
it is giving permissions to the VPN server to do things.
I'd check the contents of /etc/suders and /etc/suders.d
first. Then I would check what user is running the VPN
and check what permissions it has.
Also try running "ps -ef | grep -i tightvnc" to check if it
is running locally.
Let us know what you find out.
c
On 11/6/20 11:55 AM, Peter Bart wrote:
> Hi All,
> I may need help figuring out what to do with TightVNC. Long story
> follows. The machine is an HP Elitedesk 804 or 70??, runs Ubuntu 18.04
> and uses openconnect to connect to a corporate VPN, and then access
> VMware Horizon and Amazon Workspaces remote desktops. It is my equipment
> and I went thru hell several times getting it set up and keeping it
> running. The standard line I kept hearing was the all to familiar "we
> don't support Linux", and my answer was allways I don't care please send
> me the Win instructions and I'll figure it out. Point of fact, they sent
> out a blanket email to all employee's rejecting all responsibility for
> all things including costs of equipment to set up remote workstation.
> But also requiring remote work..........
>
> Unbeknownst to me the powers that be may have installed TightVNC on my
> machine I have set up as home office. I got a text from my user: "hey
> did you install TightVNC Service? I just had a popup on screen to
> restart, so I did and then noticed TightVNC was recently added". So yes
> my user ignore all my harping and yes she's click happy. The corporate
> response is they need this for remote access when we submit an IT
> support ticket. Pfffffft f**k! Yeah right. My user does not have admin
> rights, and so should not be able to sudo. Is that correct? My user is
> not a member of the sudo group. Also I do not know if TightVNC install
> is on Ubuntu, or one of the remote desktops. Should I even be concerned
> if it's on one or more of the remote desktops? I do want to stop it if
> it's on Ubuntu, and I can use console or Synaptic to get rid of it and
> there are lots of instructions on how to detect and stop the TightVNC
> server from running. I am not currently onsite, so all this is from memory.
>
> The TightVNC faq at <https://tightvnc.com/faq.php#howsecure> " Although
> TightVNC encrypts VNC passwords sent over the net, the rest of the
> traffic is sent as is, unencrypted (for password encryption, VNC uses a
> DES-encrypted challenge-response scheme, where the password is limited
> by 8 characters, and the effective DES key length is 56 bits). So using
> TightVNC over the Internet can be a security risk. To solve this
> problem, we have plans to implement built-in encryption in future
> versions of TightVNC." Because my user connects via VPN am I secure enough?
>
> If TightVNC is installed would the client then be able to access a
> console and say change sudo password? Bottom line I will not give out
> access to a remote user. Never mind whether or not they use strong
> passwords, they don't. I view this as a blatant eavesdropping attempt,
> and given their history and lack of experience will not allow it. Any
> thoughts? I will have to check once I am onsite.
More information about the mdlug
mailing list