Re: [Libvirt] VNC auth per VM
On Thu, Jun 11, 2009 at 04:05:39AM -0400, Jim Paris wrote:
Daniel P. Berrange wrote:
> On Mon, Jun 08, 2009 at 11:35:00AM +0200, Christian Weyermann wrote:
> > Hello everybody,
> >
> > I encountered the following problem. I want my users to only be able to
> > connect to their own virtual machines via VNC. Is there any way to do so?
>
> The VNC authentication setup is currently being done per-host, so there
> is no way to define ACLs per-(user,vm) tuple as you describe.
What about the VNC password?
That's per-VM, isn't it?
With KVM/QEMU, you can set a VNC password per VM.
But I think it is either/or though; you can use VNC with passwords
(no encryption), or use VNC with TLS, which is encrypted, but anyone
with a valid certificate can connect (to any VM).
Someone correct me if I'm wrong on that.
--
Garry Dolley
ARP Networks, Inc. | http://www.arpnetworks.com | (818) 206-0181
Data center, VPS, and IP Transit solutions
Member Los Angeles County REACT, Unit 336 | WQGK336
Blog http://scie.nti.st