[libvirt] [PATCH 1/1] Support for RDP
Pritesh Kothari
Pritesh.Kothari at Sun.COM
Thu Apr 23 12:22:38 UTC 2009
Hi Daniel,
> yes this is a limitation of the impelentation, not of the model, it
> makes more sense to allow multiple graphis entries.
Ok, will do this.
> > feedback about attributes (auth='external' authtimeout='1234') would also
> > be appreciated. Thanks.
>
> auth='external' sounds unclear, what does this mean ? Having the
> timeout hardcoded in the domain config file sounds a bit weird to me
> I would expect the default behaviour to be sufficient, depending on
> the networking layer used.
sorry, i thought i explained it earlier somwhere.
auth="" basically says which authentication method to use, the details are as
below:
1) The "null" method means that there is no authentication at all; any client
can connect to the VRDP server and thus the virtual machine. This is, of
course, very insecure and only to be recommended for private networks.
2) The "external" method provides external authentication through a special
authentication library. VirtualBox comes with two default libraries for
external authentication: On Linux hosts, VRDPAuth.so authenticates users
against the host's PAM system. On Windows hosts, VRDPAuth.dll authenticates
users against the host's WinLogon system. In other words, the "external"
method per default performs authentication with the user accounts that exist
on the host system. However, you can replace the default "external"
authentication module with any other module.
3) The "guest" authentication method performs authentication with a special
component that comes with the Guest Additions; as a result, authentication is
not performed with the host users, but with the guest user accounts.
regarding authtimeout='5000', i guess it would do with default.
Regards,
Pritesh
More information about the libvir-list
mailing list