[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] securing the vnc pvfb

To: xen-users@xxxxxxxxxxxxxxxxxxx
From: "Luke S. Crawford" <lsc@xxxxxxxxx>
Date: Sun, 3 Jun 2007 16:02:06 -0700 (PDT)
Cc: chris@xxxxxxxxx
Delivery-date: Sun, 03 Jun 2007 16:00:32 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>

I would like to allow users to install their own paravirtualized DomUsusing tools like virt-install. one way to make this possible is to givethe users access to the vnc console that the pvfb driver enables.

The question is this: how do I secure access to this? from what I readof vnc security, simply leaving it open isn't much of an option. I couldsetup a second machine that my users would have to setup a ssh tunnelthrough to get to it, but that removes some of the "easy and intuitive touse" bit that the vnc console provides. (not that this is unacceptable;my entire business model has been that there are people that know whatthey are doing, and that those people are an undeserved market... rightnow, I require all my customers to understand how to generate and send mea OpenSSH public keys... still, the easier, the better.)

So yeah, is anyone else opening the vnc console to customers? how do yougo about securing it?


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Prev by Date: [Xen-users] WinXP cannot partition disk
Next by Date: [Xen-users] Xen and iptables
Previous by thread: [Xen-users] WinXP cannot partition disk
Next by thread: [Xen-users] Xen and iptables
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.