Re: [Qemu-devel] QEMU: VNC

[Anthony Liguori <anthony@codemonkey.ws>]

Luke -Jr wrote:
> On Thursday 22 February 2007 10:35, you wrote:
>   
>> I would be happy with a patch that allowed a password to be set from the
>> monitor.  Storing a password in a file on disk is, IMHO, ugly.  If no
>> one beats me to it, I'll probably write something up this weekend.
>>     
>
> That doesn't make it too simple to start a qemu session without a human 
> present. It also means there's a vulnerable window of time without a 
> password.
>   

In my patch queue, I have a patch that adds a null VNC target along with 
another patch to allow you to change what the VNC server listens to in 
the monitor.

I also have a small program that lets you execute monitor commands 
outside of QEMU (assuming the monitor is a unix socket).

So, without human intervention, you would do:

qemu -vnc null ...
connect to monitor and set password
connect to monitor and change vnc server to listen on :3

Regards,

Anthony Liguori

>> For real security, TLS integration is most certainly the way to go.  I
>> want to make sure anything we do though doesn't violate the RFB spec so
>> we have to validate the the authentication ids are reserved and the
>> protocol isn't violated in anyway (realizing there's no absolutely
>> secure way to do RFB and still be compatible to the spec).
>>     
>
> Well, in theory I can use iptables to restrict connections only from an 
> individual local user (--uid-owner) and thus require SSH authentication, but 
> I'm not sure how simple that will be to do from Java...
>
>