Menu
▾
▴
Re: [rdesktop-users] SSL certificate check
|
From: Chris C. <xr...@xr...> - 2015-06-27 02:45:44
|
Even if there’s not an rdesktop switchy way to do this, it might be pretty easy to wrap rdesktop in a script to check the cert and pop an error if the cert fails, using openssl, you could do something like: openssl s_client -connect $1:3389 Then search for verify return or something else we can believe to make sure the cert is valid, then you throw an “are you sure" dialog if it doesn’t pass the test? > On Jun 26, 2015, at 12:25 , Julian J. M. <jul...@gm...> wrote: > > Hi, > > I'm using rdesktop with SSL enabled RDP servers, some with self-signed and some with purchased thirdparty certificates. > > The windows TS client warns when connecting to a server with a self-signed cert, but rdesktop makes absolutely no difference, which makes it less secure, as you could be subject to a MitM without noticing it. > > Is there any way to force the verification of the server certificate and that it matches the host name? > > I'm using version 1.8.3: > $ rdesktop server.host > ERROR: Failed to open keymap en-us > ERROR: CredSSP: Initialize failed, do you have correct kerberos tgt initialized ? > Connection established using SSL. > WARNING: Remote desktop does not support colour depth 24; falling back to 16 > > Thanks, > Julian. > ------------------------------------------------------------------------------ > Monitor 25 network devices or servers for free with OpManager! > OpManager is web-based network management software that monitors > network devices and physical & virtual servers, alerts via email & sms > for fault. Monitor 25 devices for free with no restriction. Download now > http://ad.doubleclick.net/ddm/clk/292181274;119417398;o_______________________________________________ > rdesktop-users mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-users |
