[libvirt] RFC: virt-console
Daniel P. Berrange
berrange at redhat.com
Tue Jul 1 18:39:42 UTC 2008
On Tue, Jul 01, 2008 at 07:26:44PM +0100, John Levon wrote:
> On Tue, Jul 01, 2008 at 07:14:04PM +0100, Daniel P. Berrange wrote:
>
> > > > okay, I wasn't sure it was the plan and I was asking. As Dan pointed
> > > > out it's the right approach, okay, I'm just surprized.
> > >
> > > To be clear, we'd love to see a remote console implementation happen,
> > > it's just not a priority for us right now.
> >
> > Newer QEMU also supports the 'telnet' protocol, so we might be better off
> > just telling people to use a telnet client, and keep this for local only
> > PTY based console access.
>
> Indeed, this is what we're doing for debugging purposes, and it already
> works (for HVM only). But of course it's not secure yet, so it's really
> no better than just sshing to run virsh console locally.
I've no idea just how much work it'd be, but IIRC there is a telnet extension
to layer in Kerberos for both auth & session encryption. Might be something
to think about in the future, since it'd allow secure console access without
having to give out a shell account on the host machine
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the libvir-list
mailing list