Re: [libvirt] RFC: virt-console
On Tue, Jul 01, 2008 at 07:26:44PM +0100, John Levon wrote:
On Tue, Jul 01, 2008 at 07:14:04PM +0100, Daniel P. Berrange wrote:
> > > okay, I wasn't sure it was the plan and I was asking. As Dan pointed
> > > out it's the right approach, okay, I'm just surprized.
> >
> > To be clear, we'd love to see a remote console implementation happen,
> > it's just not a priority for us right now.
>
> Newer QEMU also supports the 'telnet' protocol, so we might be better off
> just telling people to use a telnet client, and keep this for local only
> PTY based console access.
Indeed, this is what we're doing for debugging purposes, and it already
works (for HVM only). But of course it's not secure yet, so it's really
no better than just sshing to run virsh console locally.
I've no idea just how much work it'd be, but IIRC there is a telnet extension
to layer in Kerberos for both auth & session encryption. Might be something
to think about in the future, since it'd allow secure console access without
having to give out a shell account on the host machine
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|