[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (se
From: |
Paul Moore |
Subject: |
Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode |
Date: |
Thu, 03 May 2012 16:54:48 -0400 |
User-agent: |
KMail/4.8.2 (Linux/3.3.4-gentoo; KDE/4.8.2; x86_64; ; ) |
On Thursday, May 03, 2012 04:54:42 PM Alexander Graf wrote:
> On 02.05.2012, at 21:32, Paul Moore wrote:
> > FIPS 140-2 requires disabling certain ciphers, including DES, which is
> > used
> > by VNC to obscure passwords when they are sent over the network. The
> > solution for FIPS users is to disable the use of VNC password auth when
> > the
> > host system is operating in FIPS mode.
> >
> > This patch causes qemu to emit a syslog entry indicating that VNC password
> > auth is disabled when it detects the host is running in FIPS mode, and
> > unless a VNC password was specified on the command line it continues
> > normally. However, if a VNC password was given on the command line, qemu
> > fails with an error message to stderr explaining that VNC password auth is
> > not allowed in FIPS mode.
>
> I just talked to Roman about this one and he had some comments :)
I'm sure he did :)
--
paul moore
security and virtualization @ redhat
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, (continued)
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Daniel P. Berrange, 2012/05/03
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Alexander Graf, 2012/05/03
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Daniel P. Berrange, 2012/05/03
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Alexander Graf, 2012/05/03
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Daniel P. Berrange, 2012/05/03
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Alexander Graf, 2012/05/03
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Paul Moore, 2012/05/03
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Alexander Graf, 2012/05/03
Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Paul Moore, 2012/05/03
Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Alexander Graf, 2012/05/03
- Re: [Qemu-devel] [PATCH v2] vnc: disable VNC password authentication (security type 2) when in FIPS mode,
Paul Moore <=