Description of problem: The vncviewer with Fedora 23 seems to only support VncAuth for SecurityType. I have a 1.5.0 tigervnc server running which usually uses TLSPlain and PAM for Authentication and the vncviewer in Fedora 23 doesn't work with it. The Binary's from tigervnc.org (OSX and Windows), and the RPMs there for EL5 and 6 work just fine. I cycled through all of the available security types on the server one by one i.e. run 1: -SecurityTypes=TLSPlain, run2: -SecurityTypes=TLSVnc, run 3: -SecurityTypes=VncAuth, etc. With the Fedora version This fails with the error: "No matching security types" until I get to VncAuth, which then succeeds. When I enable all SecurityTypes on the tigervnc server, the Fedora vncviewer ends up negotiating VncAuth (no surprise) where the binaries from tigervnc.org end up selecting TLSPlain (which is what I'd want). For now I'm using Remmina as my viewer (which works) but I the performance of the tigervnc vncviewer is so much better and more configurable than Remmina... Version-Release number of selected component (if applicable): tigervnc-1.5.0-3.fc23.x86_64 How reproducible: Everytime I launch vncviewer to a server that doesn't have VncAuth as a SecurityType Steps to Reproduce: 1. Have a TigerVNC Server with a config that doesn't allow VncAuth like "-SecurityTypes=TLSPlain -PlainUsers=me -PAMService=login" 2. Launch vncviewer i.e vncviewer my.machine:1 or vncviewer Actual results: See error: No matching security types Expected results: A prompt to enter username and credentials Additional info: Looking at tigervnc's own rpm and docs, it seems like the Fedora vncviewer could have been compiled without gnutls support.
Might be related to this bug: https://bugzilla.redhat.com/show_bug.cgi?id=692048 Can you try the scratch build below which has the fix above disabled? Scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=11800861
The scratch build worked just fine.
This issue came back with tigervnc-1.5.0-4.fc23.x86_64
That's because I didn't change or remove that patch yet, I'll get to it when I have some time, the new build was just rebuild against latest xorg-11-server.
tigervnc-1.6.0-4.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-a4d8082776
tigervnc-1.6.0-4.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-a4d8082776
tigervnc-1.6.0-4.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
Dropping that patch has broken tigervnc in F24, at least. The installation images use it like this (I added the -Log for debugging): 21:52:13,346 INFO program: Running... Xvnc :1 -depth 16 -br -Log *:stderr:100 IdleTimeout=0 -auth /dev/null -once DisconnectClients=false desktop=Fedora 24 installation on host 192.168.101.102 SecurityTypes=None rfbauth=0 21:52:16,254 INFO program: Running... //usr/bin/vncconfig -nowin -display :1 21:52:16,301 INFO program: Running... metacity --display :1 --sm-disable When I try to connect with vinagre it logs this: Tue May 31 21:52:25 2016 Connections: accepted: 192.168.101.5::43650 XserverDesktop: new client, sock 13 SConnection: reading protocol version SConnection: Client needs protocol version 3.8 SConnection: processing security type message SConnection: Client requests security type VeNCrypt(19) SConnection: processing security message SConnection: processing security message SConnection: processing security message XserverDesktop: client gone, sock 13 Connections: closed: 192.168.101.5::43650 (Clean disconnection) EncodeManager: Framebuffer updates: 0 EncodeManager: Total: 0 rects, 0 pixels EncodeManager: 0 B (1:-nan ratio) Nightly builds with 1.6.0-4 are failing. A Previous nightly, with 1.6.0-3, works fine. It looks like the patch you dropped also dropped accepting VeNCrypt.
Proposed as a Blocker for 25-alpha by Fedora user bcl using the blocker tracking app because: Updated tigervnc-1.6.0-4 breaks inst.vnc on the installer boot.iso
Just to clarify, I am talking about the netinst boot.iso where you pass inst.vnc to start Xvnc in the installer environment. You cannot connect with any of the regularly available clients, like vinagre.
*** Bug 1340688 has been marked as a duplicate of this bug. ***
Sorry about that, I meant to make this a F24 Final Blocker not F25 Alpha.
+1 blocker, clearly violates "When using a dedicated installer image, the installer must be able to complete an installation using the text, graphical and VNC installation interfaces." - https://fedoraproject.org/wiki/Fedora_24_Alpha_Release_Criteria#Installation_interfaces
tigervnc-1.6.0-5.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-5714267e09
I pushed a new build to Fedora 24/25 enabling the previous patch again for now. I'll try to find a way to make this work on both sides.
Could you please also test the build below? I would like to know whether it fixes the original issue and doesn't break other clients like vinagre. Scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=14337240
The scratch build works for me when using PAM.
Ok, now I need a confirmation that it works even with vinagre.
(In reply to Jan Grulich from comment #18) > Ok, now I need a confirmation that it works even with vinagre. Works great, thanks. I built a f24 boot.iso with the update and it works fine.
I wanted to know whether it works with the scratch build from comment 16, the package from update is the same as it was before and thus doesn't work when using PAM.
By 'update' I meant the scratch build, 1.6.0-6 works fine :)
tigervnc-1.6.0-6.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-5714267e09
+1 blocker
that's 3 +1s (plus bcl) and this seems fairly clear-cut, so setting AcceptedBlocker.
bcl: joel: could you verify with the official build and give it karma please? thanks!
This was reported verified by bcl and joel.
tigervnc-1.6.0-6.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.