From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1HJCLC-0001Nq-NV for qemu-devel@nongnu.org; Mon, 19 Feb 2007 12:30:18 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1HJCL9-0001ND-SB for qemu-devel@nongnu.org; Mon, 19 Feb 2007 12:30:18 -0500
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1HJCL9-0001N4-Nw for qemu-devel@nongnu.org; Mon, 19 Feb 2007 12:30:15 -0500
Received: from mx1.redhat.com ([66.187.233.31])
	by monty-python.gnu.org with esmtp (Exim 4.52)
	id 1HJCL9-0006Hg-DU for qemu-devel@nongnu.org; Mon, 19 Feb 2007 12:30:15 -0500
Date: Mon, 19 Feb 2007 17:30:06 +0000
From: "Daniel P. Berrange"
Subject: Re: [Qemu-devel] QEMU: VNC
Message-ID: <20070219173005.GQ31525@redhat.com>
References: <200702161402.23660.cwolsen@domainatlantic.com>
	<200702181853.41196.cwolsen@domainatlantic.com>
	<200702181930.02485.cwolsen@domainatlantic.com>
	<45D90514.40107@codemonkey.ws>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Reply-To: "Daniel P. Berrange", qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
To: qemu-devel@nongnu.org
Cc: Anthony Liguori

On Mon, Feb 19, 2007 at 03:11:15AM +0100, Johannes Schindelin wrote:
> Hi,
>
> On Sun, 18 Feb 2007, Anthony Liguori wrote:
>
> > Christopher Olsen wrote:
> > > Sorry I'll attempt to use the preferred patching method in the future..
> > >
> > > Secure vnc auth method the default built in method from
> > >
> >
> > We can't take a password from a command line. Supporting VNC auth is
> > super easy otherwise. I really think we need to have a config file
> > before we can do VNC passwords.
>
> No, you should not do VNC passwords. The default VNC password exchange is
> insecure and you should not lure users into believing in that false
> security.

Sure it is insecure over an unencrypted network channel, but if you are
tunnelling the VNC connection over SSH, or have restricted it to only bind
to 127.0.0.1 then AFAIK it is just fine. So supporting VNC password auth
would allow users on a shared machine to secure the console from other
unprivileged users on the same box. Definitely useful over the current
situation where there's no way to secure even the local-only case.

For a serious general purpose authentication I'd like to see the TLS
protocol extension for VNC (as implemented in VeNCrypt) supported allowing
both secure auth & wire encryption.

Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=|
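
The reply above rests on the VNC server being bound to 127.0.0.1 only. The following is an added example, not part of the original message or of QEMU, showing one way to verify that on a Linux host by parsing `/proc/net/tcp`. It assumes IPv4 only, a little-endian host, and the usual convention that display N listens on TCP port 5900+N; the function name and the sample table are constructed for illustration.

```python
import ipaddress
import struct

VNC_PORTS = range(5900, 6000)   # assumption: display N listens on TCP 5900+N
TCP_LISTEN = "0A"               # socket state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:170C 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20001
   1: 00000000:170D 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20002
   2: 0A00A8C0:170E 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20003
   3: 0100007F:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20004
   4: 0100007F:170C 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1000        0 20005
"""


def exposed_vnc_listeners(proc_net_tcp):
    """Return (address, port) for listening VNC-range sockets not bound to loopback."""
    findings = []
    for line in proc_net_tcp.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue                                # malformed or not a listener
        hex_addr, hex_port = fields[1].split(":")
        port = int(hex_port, 16)
        if port not in VNC_PORTS:
            continue
        # The kernel prints the 32-bit address in host byte order;
        # on a little-endian host 127.0.0.1 appears as 0100007F.
        addr = ipaddress.IPv4Address(struct.pack("<I", int(hex_addr, 16)))
        if not addr.is_loopback:
            findings.append((str(addr), port))
    return findings


if __name__ == "__main__":
    # On a real host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for addr, port in exposed_vnc_listeners(SAMPLE):
        print(f"VNC-range listener reachable beyond loopback: {addr}:{port}")
```

A listener on 0.0.0.0 is reported because it accepts connections on every interface, which is the case where the password exchange crosses the network without a tunnel.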