[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] securing the vnc pvfb




I would like to allow users to install their own paravirtualized DomUs using tools like virt-install. one way to make this possible is to give the users access to the vnc console that the pvfb driver enables.

The question is this: how do I secure access to this? from what I read of vnc security, simply leaving it open isn't much of an option. I could setup a second machine that my users would have to setup a ssh tunnel through to get to it, but that removes some of the "easy and intuitive to use" bit that the vnc console provides. (not that this is unacceptable; my entire business model has been that there are people that know what they are doing, and that those people are an undeserved market... right now, I require all my customers to understand how to generate and send me a OpenSSH public keys... still, the easier, the better.)

So yeah, is anyone else opening the vnc console to customers? how do you go about securing it?

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.