From: "Daniel P. Berrange" <berrange@redhat.com>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] QEMU: VNC
Date: Tue, 20 Feb 2007 01:05:09 +0000 [thread overview]
Message-ID: <20070220010509.GC5172@redhat.com> (raw)
In-Reply-To: <45DA44C2.6000601@codemonkey.ws>
On Mon, Feb 19, 2007 at 06:45:54PM -0600, Anthony Liguori wrote:
> Daniel P. Berrange wrote:
> >On Mon, Feb 19, 2007 at 06:37:39PM -0500, Christopher Olsen wrote:
> >
> >>On Monday 19 February 2007 17:52, Fabrice Bellard wrote:
> >>
> >>>On the technical side, adding OpenSSL support in the current VNC
> >>>implementation is QEMU seems easy (OpenSSL has a non blocking API which
> >>>can be used with the current callback API).
> >>>
> >>>Fabrice.
> >>>
> >>>
> >>Good call... Let me look into that.
> >>
> >
> >Actually OpenSSL has some potential licensing issues when combined with
> >GPL code so I'd avoid it. The GNU TLS library, however, is just as easy
> >to integrate into existing programs - I've modified a number of apps to
> >use it very successfully. Or if you want support for all manner of
> >crypto key management hardware devices, there's also Mozilla NSS libraries.
> >All support non-blocking APIs, so aside from the extra code to do the TLS
> >handshake and key verification, there's little modification needed to
> >the main codebase - eg for GNU TLS once handshake is complete you can
> >simply replace read()/write() calls with gnutls_read() / gnutls_write()
> >
>
> While this is all well and good, there is still the fundamental problem
> of how does one associate credentials with a VM. The actual security
> mechanism is, IMHO, just an implementation detail.
Well there's a number of plausible options
- Password, but using challenge/resonse (either plain or TLS channel)
- Simple password (assuming a TLS encypted channel)
- Whitelist based on client TLS certificate (common name/fingerprint)
- Auth against PAM using same username of qemu process owner (asume TLS)
While in general I don't think it makes much sense to tie it into the
host system auth scheme (because VM administrators don't map onto UNIX
accounts in the general case), the latter would be useful for developers
not wishing to setup dedicated auth. There's probably more suggestions,
but I reckon those would cover a pretty wide base of deployment scenarios
from individual developers to large corporate deployment.
I wouldn't really want to translate all these schemes into a 1000 command
line flags though, so the earlier point in the thread about a QEMU config
file becomes very relevant
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
next prev parent reply other threads:[~2007-02-20 1:05 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-16 19:02 [Qemu-devel] QEMU: VNC Christopher Olsen
2007-02-16 20:57 ` Anthony Liguori
2007-02-18 20:36 ` Christopher Olsen
2007-02-18 23:08 ` Anthony Liguori
2007-02-18 23:53 ` Christopher Olsen
2007-02-19 0:14 ` Johannes Schindelin
2007-02-19 0:30 ` Christopher Olsen
2007-02-19 0:41 ` Johannes Schindelin
2007-02-19 2:01 ` Anthony Liguori
2007-02-19 2:11 ` Johannes Schindelin
2007-02-19 2:48 ` Anthony Liguori
2007-02-19 12:19 ` Christopher Olsen
2007-02-19 14:53 ` Johannes Schindelin
2007-02-19 17:16 ` Christopher Olsen
2007-02-19 17:30 ` Daniel P. Berrange
2007-02-19 17:41 ` Christopher Olsen
2007-02-19 19:09 ` Daniel P. Berrange
2007-02-19 19:29 ` Christopher Olsen
2007-02-19 22:52 ` Fabrice Bellard
2007-02-19 23:37 ` Christopher Olsen
2007-02-20 0:36 ` Daniel P. Berrange
2007-02-20 0:45 ` Anthony Liguori
2007-02-20 0:53 ` Christopher Olsen
2007-02-20 1:05 ` Daniel P. Berrange [this message]
2007-02-20 1:11 ` Johannes Schindelin
2007-02-20 1:18 ` Christopher Olsen
2007-02-20 19:46 ` Joe Batt
2007-02-20 1:15 ` [Qemu-devel] FreeBSD Support Christopher Olsen
2007-02-20 1:46 ` Paul Brook
2007-02-20 2:10 ` Christopher Olsen
2007-02-20 2:41 ` Paul Brook
2007-02-20 3:26 ` Christopher Olsen
2007-02-24 19:08 ` Juergen Lock
2007-02-24 20:54 ` Leonardo Reiter
2007-02-26 0:12 ` andrzej zaborowski
2007-03-03 22:12 ` Thiemo Seufer
2007-03-05 7:38 ` andrzej zaborowski
2007-02-19 23:58 ` [Qemu-devel] QEMU: VNC Johannes Schindelin
2007-02-19 0:11 ` Johannes Schindelin
2007-02-19 0:25 ` Christopher Olsen
-- strict thread matches above, loose matches on Subject: below --
2007-02-22 5:19 Luke-Jr
2007-02-22 16:22 ` Johannes Schindelin
2007-02-22 16:35 ` Anthony Liguori
2007-02-22 16:39 ` Christopher Olsen
2007-02-22 17:18 ` Johannes Schindelin
2007-02-22 17:29 ` Anthony Liguori
2007-02-22 17:35 ` Johannes Schindelin
2007-02-22 17:55 ` Leonardo Reiter
[not found] ` <200702221044.48581.luke@dashjr.org>
2007-02-22 17:27 ` Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070220010509.GC5172@redhat.com \
--to=berrange@redhat.com \
--cc=anthony@codemonkey.ws \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).