rfbNoAuth and rfbVncAuth are not actually part of VeNCrypt, however it is important to support them to ensure better compatibility. When establishing a connection, the client does not know whether the server supports encryption, and always prefers VeNCrypt if enabled. Next, if encryption is not available on the server, the connection will fail. Since the RFB doesn't have any downgrade methods in case of failure, a client that does not support unencrypted VeNCrypt methods will never be able to connect.
rfbVeNCryptPlain is also supported for better compatibility.
Following https://github.com/LibVNC/libvncserver/issues/458
rfbNoAuth
andrfbVncAuth
are not actually part of VeNCrypt, however it is important to support them to ensure better compatibility. When establishing a connection, the client does not know whether the server supports encryption, and always prefers VeNCrypt if enabled. Next, if encryption is not available on the server, the connection will fail. Since the RFB doesn't have any downgrade methods in case of failure, a client that does not support unencrypted VeNCrypt methods will never be able to connect.rfbVeNCryptPlain
is also supported for better compatibility.The RFB specification also considers any ordinary subauths valid, which legitimizes this solution:
For security and backward compatibility reasons, encrypted connections take precedence over unencrypted ones