[Libvirt] VNC auth per VM

Garry Dolley gdolley at arpnetworks.com
Thu Jun 11 08:40:38 UTC 2009


On Thu, Jun 11, 2009 at 04:05:39AM -0400, Jim Paris wrote:
> Daniel P. Berrange wrote:
> > On Mon, Jun 08, 2009 at 11:35:00AM +0200, Christian Weyermann wrote:
> > > Hello everybody,
> > > 
> > > I encountered the following problem. I want my users to only be able to
> > > connect to their own virtual machines via VNC. Is there any way to do so?
> > 
> > The VNC authentication setup is currently being done per-host, so there
> > is no way to define ACLs per-(user,vm) tuple as you describe.
> 
> What about the VNC password?
> That's per-VM, isn't it?

With KVM/QEMU, you can set a VNC password per VM.

But I think it is either/or though; you can use VNC with passwords
(no encryption), or use VNC with TLS, which is encrypted, but anyone
with a valid certificate can connect (to any VM).

Someone correct me if I'm wrong on that.

-- 
Garry Dolley
ARP Networks, Inc. | http://www.arpnetworks.com | (818) 206-0181
Data center, VPS, and IP Transit solutions
Member Los Angeles County REACT, Unit 336 | WQGK336
Blog http://scie.nti.st




More information about the libvir-list mailing list