From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Daniel P. Berrange" <berrange-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Subject: Re: web interface?
Date: Tue, 31 Jul 2007 19:05:28 +0100
Message-ID: <20070731180528.GH18730@redhat.com>
References: <46AF5AC7.7080509@pjr.cc> <1185899610.6486.273.camel@fuego>
Reply-To: "Daniel P. Berrange" <berrange-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
To: Matthew Kent <matt-7g3wz9A/6AxWk0Htik3J/w@public.gmane.org>
Return-path: <kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
Content-Disposition: inline
In-Reply-To: <1185899610.6486.273.camel@fuego>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/kvm-devel>,
	<mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=kvm-devel>
List-Post: <mailto:kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
List-Help: <mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/kvm-devel>,
	<mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=subscribe>
Sender: kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Errors-To: kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
List-Id: kvm.vger.kernel.org

On Tue, Jul 31, 2007 at 09:33:30AM -0700, Matthew Kent wrote:
> >  The problem is security, 
> > Authenticating users on the page is simple enough, but i cant see a 
> > method by which i could put a password on the vnc port in qemu?
> > 
> 
> http://fedoraproject.org/wiki/Releases/FeatureVirtSecurity is a project
> tasked with improving VNC security among other things, right now qemu
> doesn't have many options in that regard.

Yep, this is the code I'm just finishing off now in preparation for review
on QEMU mailing lists.

> > Ideally, what i would like to be able to do is when someone accesses the 
> > console it sets the password randomly, then embed's it into the request. 
> > Once everyone disconnects it resets the password (but thats not quite so 
> > important at this point).
> > 
> 
> Xen has patches to qemu vnc for supporting passwords if you need a
> starting point. Though iirc they are pulled from the xenstore or
> whatever they call it, so it would need some work I'd imagine.

The Xenstore integration made it pretty useless as a basis for password
support in general QEMU codebase :-(

Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/