[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] QEMU: VNC

From: Anthony Liguori
Subject: Re: [Qemu-devel] QEMU: VNC
Date: Thu, 22 Feb 2007 10:35:38 -0600
User-agent: Thunderbird (X11/20070103)

Johannes Schindelin wrote:

On Thu, 22 Feb 2007, Luke-Jr wrote:

Is there a reason to not use the semi-standard -rfbauth <filename> argument?

I would be happy with a patch that allowed a password to be set from the monitor. Storing a password in a file on disk is, IMHO, ugly. If no one beats me to it, I'll probably write something up this weekend.

Yes. The authentication is not really secure. It only uses 16 bits if I remember correctly, so even without access to <filename>, it can be easily broken.

The common practice is to block after 3 attempts, but there are ways around that, too.

RFB authentication is not secure for a few reasons. The first is that passwords are limited to 8 characters and constant padding for passwords shorter than 8. Furthermore, the challenge/response mechanism is prone to man-in-the-middle attacks and replay attacks. Triple DES is not a very good encryption method either by modern standards.

For all practical purposes, it's a plain-text equivalent authentication mechanism. However, it's widely supported, and provides a useful feature so it's worth supporting.

For real security, TLS integration is most certainly the way to go. I want to make sure anything we do though doesn't violate the RFB spec so we have to validate the the authentication ids are reserved and the protocol isn't violated in anyway (realizing there's no absolutely secure way to do RFB and still be compatible to the spec).


Anthony Liguori


Qemu-devel mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]