From mboxrd@z Thu Jan  1 00:00:00 1970
From: Anthony Liguori <aliguori@us.ibm.com>
Subject: Re: Individual passwords for guest VNC servers ?
Date: Fri, 22 Sep 2006 09:03:47 -0500
Message-ID: <4513ED43.2020007@us.ibm.com>
References: <A95E2296287EAD4EB592B5DEEFCE0E9D572606@liverpoolst.ad.cl.cam.ac.uk><JB2006092221043832.34149296@jp.fujitsu.com>	<20060922131246.GD31773@redhat.com>
	<3AAA99889D105740BE010EB6D5A5A3B202A30D@paddington.ad.cl.cam.ac.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <3AAA99889D105740BE010EB6D5A5A3B202A30D@paddington.ad.cl.cam.ac.uk>
List-Unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Ian Pratt <m+Ian.Pratt@cl.cam.ac.uk>
Cc: xen-devel@lists.xensource.com, "Daniel P. Berrange" <berrange@redhat.com>, Masami Watanabe <masami.watanabe@jp.fujitsu.com>
List-Id: xen-devel@lists.xenproject.org

Ian Pratt wrote:
>> Passing around passwords either on the command line, or environment is
>>     

VNC password is very easy to support.  The only problem is storing the 
password (as everyone seems to understand).  One thing I want to point 
out though is that the VNC password is almost plain-text equiv at this 
point.

There are some more interesting things that can be done to secure VNC 
(like tunnel it through ssh).  It would be nice to consider automating 
this sort of thing if we're going to try and attempt to implement 
security features.

Regards,

Anthony Liguori