[libvirt-users] acceptable SASL mechanisms/can libvirt authenticate against PAM
Daniel P. Berrange
berrange at redhat.com
Wed Dec 14 09:13:32 UTC 2011
On Tue, Dec 13, 2011 at 10:57:25PM -0500, Dave Allan wrote:
> I was playing with SASL authentication a bit today and I wasn't able
> to get libvirt to authenticate against PAM (or anything else except
> the sasldb, although I didn't try Kerberos). Does anybody know off
> the top of their head what mechanisms/password check options work?
> I'm trying to figure out if I'm attempting the impossible.
If you are configuring SASL for the tcp socket it will refuse to use
SASL mechanisms which do not support encryption, which is all of them
except Kerberos or Digest-MD5.
If you are configuring SASL for the TLS socket it will allow any
SASL mechanism, since TLS provides the encryption
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvirt-users
mailing list