VNC client Encryption method unsupported security type

book

Article ID: 187144

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

We have some target servers RedHat 7, on the servers, system team config VNC encryption with some type: TLSVNC, TLSPlain, X509None, X509Vnc, X509Plain.

But CA PAM can't access the target server by using the VNC method, with the warning "unsupported security type. No Security type supported. Server sent '[19,19]' security type, but we do not support any of their."

Does CA PAM support connection to the target server via the VNC encryption method?


Cause

The VNC implementation is not TLS.  From the desktop to PAM it goes through a TLS tunnel (UP>spfd) but thereafter is in the clear if you are using the embedded VNC client.

Environment

Release : 3.3.x

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

Currently we don't have a solution for this, VNC Encryption support is not yet on the Product road map, if this is required do open as an idea under the 'ideation' tab of Braodcom Communities.