|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] Re: [PATCH][Take 2] VNC authentification
Daniel P. Berrange wrote: On Sun, Oct 01, 2006 at 03:53:33AM +0900, Masami Watanabe wrote:Hi Dan, I post patch that reflects your point. However, Now, I can not use standard VNC clients to server. therefore, I cannot do final test. It becomes possible on next Tuesday. Please forgive my post, it is current update.The Python XenD bits of your latest patch all look good to me now - thanks for taking time to address the issues.I've compiled the patches against latest Xen going into Fedora Core 6, and the password authentication does appear to be working as expected.Only issue was that I forgot the password in the VM config file needed to be the base64 encoded, DES-encrypted format - once I sorted thatout it worked fine.--- a/tools/examples/xend-config.sxp Wed Sep 27 17:49:22 2006 +0100 +++ b/tools/examples/xend-config.sxp Sun Oct 01 02:13:06 2006 +0900 @@ -130,3 +130,7 @@# The tool used for initiating virtual TPM migration#(external-migration-tool '') + +# The default password for VNC console on HVM domain. +# Empty string is no authentication. +(vncpasswd '')We should add a note about this needing to be the base-64 encoded, DES encrypted password, rather than plain text. Why even bother encrypting the password? We're using a well known DES key so there is no security here. A user must still take appropriate precautions to protect the config files. In fact, I think munging the password like this gives a false sense of security. Regards, Anthony Liguori _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |