qemu-devel

Re: [Qemu-devel] QEMU: VNC


From: Christopher Olsen
Subject: Re: [Qemu-devel] QEMU: VNC
Date: Mon, 19 Feb 2007 12:41:53 -0500
User-agent: KMail/1.9.5

On Monday 19 February 2007 12:30, Daniel P. Berrange wrote:
> On Mon, Feb 19, 2007 at 03:11:15AM +0100, Johannes Schindelin wrote:
> > Hi,
> >
> > On Sun, 18 Feb 2007, Anthony Liguori wrote:
> > > Christopher Olsen wrote:
> > > > Sorry I'll attempt to use the preferred patching method in the
> > > > future..
> > > >
> > > > Secure vnc auth method the default built in method from
> > >
> > > We can't take a password from a command line.  Supporting VNC auth is
> > > super easy otherwise.  I really think we need to have a config file
> > > before we can do VNC passwords.
> >
> > No, you should not do VNC passwords. The default VNC password exchange is
> > insecure and you should not lure users into believing in that false
> > security.
>
> Sure it is insecure over an unencrypted network channel, but if you are
> tunnelling the VNC connection over SSH, or have restricted it to only
> bind to 127.0.0.1  then AFAIK it is just fine. So supporting VNC password
> auth would allow users on a shared machine to secure the console from
> other unprivileged users on the same box. Definitely useful over the
> current situation where there's no way to secure even the local-only
> case. For a serious general purpose authentication I'd like to see the
> TLS protocol extension for VNC (as implemented in VeNCrypt) supported
> allowing both secure auth & wire encryption.
>
> Dan.

I've checked out the VeNCrypt.. Looks a little win32 oriented...

I'm gathering the problem here is that VNC is spinning off in many 
directions...  So any implementation on the QEMU side will of course marry it 
to a particular VNC branch or I had an alternative idea..

That being the authentication can take place inside the VNC before the VM's 
frame buffer is attached.. This way whichever VNC client the end user is using 
they can auth in.

-Christopher


-- 
Christopher Olsen
address@hidden
Tel: 631-676-4877
Fax: 631-249-3036
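
An added example, not part of the original message or of QEMU's code: the thread turns on which RFB security type a VNC server offers (None, VNC Authentication, VeNCrypt) and whether the listener is reachable only through 127.0.0.1 or an SSH tunnel. The sketch parses the server's opening handshake bytes and rates each offered type along the lines argued in the quoted reply; the function names, the ratings text and the sample bytes are constructed for illustration.

```python
import struct

# Security-type numbers as assigned in the RFB protocol registry.
NAMES = {1: "None", 2: "VNC Authentication", 19: "VeNCrypt"}

def parse_server_hello(data: bytes):
    """Return ((major, minor), [security types]) from the server's first bytes."""
    head = data[:12]
    if len(head) < 12 or head[:4] != b"RFB " or head[7:8] != b"." or head[11:] != b"\n":
        raise ValueError("not an RFB ProtocolVersion message")
    version = (int(head[4:7]), int(head[8:11]))
    body = data[12:]
    if version < (3, 7):
        # RFB 3.3: the server dictates a single type as a big-endian uint32.
        if len(body) < 4:
            raise ValueError("truncated security type")
        return version, [struct.unpack(">I", body[:4])[0]]
    # RFB 3.7 and later: one count byte, then that many one-byte types.
    if not body:
        raise ValueError("missing security-type count")
    count = body[0]
    if count == 0:
        # Zero types means the server refused; a length-prefixed reason follows.
        (n,) = struct.unpack(">I", body[1:5])
        raise ConnectionError(body[5:5 + n].decode("latin-1"))
    types = list(body[1:1 + count])
    if len(types) != count:
        raise ValueError("truncated security-type list")
    return version, types

def assess(sec_type: int, local_only: bool) -> str:
    """Rate one offered type; local_only means bound to 127.0.0.1 or SSH-tunnelled."""
    if sec_type == 19:
        return "ok: TLS gives authentication and wire encryption"
    if sec_type == 2:
        return ("ok: password keeps other local users off the console" if local_only
                else "weak: password exchange and session cross the network unencrypted")
    if sec_type == 1:
        return ("open: any local user can attach" if local_only
                else "open: anyone who can reach the port can attach")
    return "unknown: review manually"

# Constructed sample: an RFB 3.8 server offering VNC Authentication and VeNCrypt.
SAMPLE = b"RFB 003.008\n" + bytes([2, 2, 19])

if __name__ == "__main__":
    version, offered = parse_server_hello(SAMPLE)
    for t in offered:
        print(version, NAMES.get(t, t), "->", assess(t, local_only=False))
```
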



