Skip to content

Latest commit

 

History

History
70 lines (57 loc) · 3.1 KB

AES.md

File metadata and controls

70 lines (57 loc) · 3.1 KB
Raw

Use this option if you can securely distribute the AES key to each client.
It is somewhat similar to SSL mode with a self-signed certificate.

Xpra's AES encryption layer uses the python cryptography library to encrypt the network packets with AES-256 - Advanced Encryption Standard in CBC - Cipher Block Chaining, GCM - Galois/Counter Mode, CTR - Counter Mode or CFB - Cipher_feedback.

The encryption key can be stored in a keyfile or specified using the keydata socket option. If neither is present and an authentication module was used, the password will be used as key data.
The key data is stretched using PBKDF2(Password-Based Key Derivation Function 2).
The salts used are generated using Python's os.urandom() which is suitable for cryptographic use

Caveats:

  • it is also possible to run in AES-128 or AES-192 mode but this is not recommended
  • the HTML5 client currently does not support GCM mode: Xpra-org/xpra-html5#94
  • older servers and clients only support CBC mode

For step by step instructions on setting up AES, expand:

AES Usage Example

generate a key:

uuidgen > ./key.txt

start a server:

xpra start --start=xterm \
     --bind-tcp=0.0.0.0:10000,encryption=AES,keyfile=key.txt
  • client:
xpra attach "tcp://localhost:10000/?encryption=AES&keyfile=./key.txt"

Modes

Starting with version 4.3, the client can specify the exact AES encryption mode to use: encryption=AES-GCM.

Older syntax

Prior to version 4.1, the encryption is configured globally, for all TCP sockets, using the following syntax:

xpra start --start=xterm \
     --bind-tcp=0.0.0.0:10000 \
     --tcp-encryption=AES --tcp-encryption-keyfile=key.txt

xpra attach tcp://$HOST:10000 --tcp-encryption=AES --tcp-encryption-keyfile=./key.txt
Specifying the key data

keydata

With newer versions, instead of using the keyfile option, it is also possible to inline the keydata value in the bind and attach strings:

  • keydata=0x... for hexadecimal encoded keys
  • keydata=base64:... for base64 encoded keys
  • keydata=... for plain text keys

One major disadvantage is that the key data may be leaked in the process list.
However, it may be easier in some cases to generate commands that do not require extra files to run.

Debugging

To verify that your client connection is using AES, look for cipher=AES:

xpra info | grep cipher=

To enable debugging, use the -d crypto debug logging option.