Better Authentication

[NickSica]

I was wondering if there were any plans for better authentication maybe with LDAP or PAM integration? I'd be happy to tackle this in my free time if not and any resources you have to help program it would be appreciated.

[any1]

What do you mean with "better authentication"?

I think that LDAP or PAM integration is probably out-of-scope for this project. It's up to the user of the library to authenticate the user when receiving an authentication callback from the library. See: https://github.com/any1/neatvnc/blob/master/include/neatvnc.h#L49

PRs are welcome. Which authentication methods do you plan to implement?

[NickSica]

Well other vnc servers give the option for PAM which could plug into any authentication module from there so PAM would probably be my go-to as it allows any others from there easily. It's a better way to store username and password than in a plain text, in my opinion. I'll see if I can get something up and running.

[NickSica]

I knew it was going to be daunting, but it may not be worth the trouble. Some of the VNC Viewers state being able to use PAM authentication, but it may just be with their VNC Servers which is a bit annoying. Might just close and move on.

[any1]

I think I understand now. You want to be able to use PAM authentication in wayvnc, right? You could add a setting in the config file to enable that for a set of users and then have wayvnc ask PAM if the user's password is correct.

See https://github.com/any1/wayvnc/blob/master/src/main.c#L464

[NickSica]

Ok thank you for leading me to the right place. I got authentication working, albeit at a kind of basic level basically just barebones PAM. This is being resolved in the wayvnc repo, so I'll close it out.