You can use the VNC protocol to access your devices through the VaultOne PAM platform. Unlike other connection protocols like SSH or RDP, VNC requires additional configuration, including a VNC server to be configured directly on the target device. This configuration is external and not managed by the VaultOne PAM platform.
This guide outlines the requirements for the external VNC server and the necessary configurations within VaultOne to establish a successful connection.
Understanding VNC Authentication Requirements
The setup and management of the VNC server occur outside of the VaultOne platform. Because VNC server implementations vary, specific configurations may differ. The following are universal requirements for use with VaultOne:
- A VNC server must be installed and configured on the target device.
- The VNC server must be set to use password-based authentication. VaultOne does not support other authentication methods like certificates or keys for VNC connections, even if a specific VNC server offers them.
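As an added example (not VaultOne or RealVNC code), the following Python parses the opening bytes a VNC server sends in the RFB handshake (RFC 6143) and reports whether it offers the password-based "VNC Authentication" security type (code 2). The sample byte strings are constructed, the function name is hypothetical, and the parser assumes the client answers with the same protocol version the server announces.

```python
import struct

# Security types defined in RFC 6143; other numbers are vendor extensions.
NAMES = {0: "Invalid", 1: "None", 2: "VNC Authentication"}
VNC_AUTH = 2  # the password-based scheme

def parse_server_hello(data: bytes) -> dict:
    """Parse the server's ProtocolVersion plus security-type message."""
    if len(data) < 12 or data[:4] != b"RFB " or data[7:8] != b"." or data[11:12] != b"\n":
        raise ValueError("not an RFB ProtocolVersion message")
    version = (int(data[4:7]), int(data[8:11]))
    body = data[12:]
    if version < (3, 7):
        # RFB 3.3: the server picks one type and sends it as a big-endian u32.
        if len(body) < 4:
            raise ValueError("truncated security type")
        types = [struct.unpack(">I", body[:4])[0]]
    else:
        # RFB 3.7+: one count byte, then that many one-byte type codes.
        if not body:
            raise ValueError("missing security-type count")
        count = body[0]
        types = list(body[1:1 + count])
        if len(types) != count:
            raise ValueError("truncated security-type list")
    if types in ([], [0]):
        # Count 0 (3.7+) or type 0 (3.3) means the server refused the connection.
        return {"version": version, "types": [], "password_auth": False, "refused": True}
    return {
        "version": version,
        "types": [NAMES.get(t, f"type {t}") for t in types],
        "password_auth": VNC_AUTH in types,
        "refused": False,
    }

# Constructed sample bytes (not captured from a real server).
PASSWORD_SERVER = b"RFB 003.008\n" + bytes([1, 2])       # offers VNC Authentication only
OTHER_AUTH_SERVER = b"RFB 003.008\n" + bytes([2, 5, 6])  # offers only non-password types
LEGACY_SERVER = b"RFB 003.003\n" + struct.pack(">I", 2)  # RFB 3.3 single-type form

if __name__ == "__main__":
    for name, raw in [("password", PASSWORD_SERVER), ("other", OTHER_AUTH_SERVER),
                      ("legacy", LEGACY_SERVER)]:
        print(name, parse_server_hello(raw))
```

A server whose result has `password_auth` set to `False` is not offering the password-based scheme this guide requires.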
Configuring VaultOne PAM
When registering the device in VaultOne, you must configure one specific option:
- In the VaultOne platform, go to Servers > + Add Computer > Access Protocol and select the Disable Clipboard option.
RealVNC Configuration Example
The following is an example of a VNC Server configuration using RealVNC:
- Under Security, you must set the following two options:
  - Encryption: ALWAYS OFF
  - Authentication: VNC password
See the following RealVNC support articles to learn more about configuring RealVNC with password-based authentication and the required encryption settings:
- Setting up VNC Password: explains how to configure password-based authentication.
- RealVNC Server Parameter Reference – Encryption: explains how to set the encryption setting to Always Off.