10:03 a.m.
Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc server
was listening but I did not connect to its proper port (why libvirt
doesn't use <IP>:<domU id> kind of vnc connection and restricts the
server to local host only by default?).
Regards,
Glen
On 5/31/07, Glen Deem <xen.inbox@XXXXXXXXX> wrote:
Hi all,
I've created an HVM guest under RHES 5 (Xen 3.0.3) using "xm create"
but I cannot access it with vncviewer.
The Virtual Machine Manager also informs about graphics console unavailability.
What am I doing wrong, please?
I do
> vncviewer 123.456.789.123:4,
where 4 is the guest id.
This is the xm config file is:
name = "hvmGuest"
builder = "hvm"
memory = "500"
disk = [ 'file:/var/lib/red-hat.img,hda,w', ]
vif = [ 'type=ioemu, mac=00:16:3e:34:3b:ba, bridge=xenbr0', ]
device_model = "/usr/lib/xen/bin/qemu-dm"
kernel = "/usr/lib/xen/boot/hvmloader"
vnc=1
vncunused=1
apic=1
acpi=1
pae=1
vcpus=1
serial = "pty"
on_reboot = 'restart'
on_crash = 'restart'
Thanks a lot in advance.
Glen from Ottawa, Canada
10:09 a.m.
New subject: [Libvir] Re: [Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
On Fri, Jun 01, 2007 at 11:03:36AM -0400, Glen Deem wrote:
Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc
server
was listening but I did not connect to its proper port (why libvirt
doesn't use <IP>:<domU id> kind of vnc connection and restricts the
server to local host only by default?).
VNC authentication is an utter joke. It can be trivially brute forced
so exposing it on a public IP address is not a good idea, hence the
default is 127.0.0.1, though even that's not ideal because it is still
exposed to local users. Ultimately VNC needs to have SSL/TLS support
integrated into it to allow secure access over public network, which
is something I'm working on for QEMU...
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
10:11 a.m.
New subject: [Libvir] Re: [Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
On Fr, Jun 01, 2007 at 11:03:36 -0400, Glen Deem wrote:
Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc
server
was listening but I did not connect to its proper port (why libvirt
doesn't use <IP>:<domU id> kind of vnc connection and restricts the
server to local host only by default?).
AFAIK you can edit xend-config.sxl, restart xend and
it will be listening not only on the localhost.
--
WBR, i.m.chubin
10:15 a.m.
New subject: [Libvir] Re: [Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
On Fr, Jun 01, 2007 at 06:11:22 +0300, Igor Chubin wrote:
On Fr, Jun 01, 2007 at 11:03:36 -0400, Glen Deem wrote:
> Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc server
> was listening but I did not connect to its proper port (why libvirt
> doesn't use <IP>:<domU id> kind of vnc connection and restricts the
> server to local host only by default?).
>
AFAIK you can edit xend-config.sxl, restart xend and
it will be listening not only on the localhost.
Also you can use ssh port forwarding.
You can read about in ssh(1).
ssh -L (for local port forwarding)
and
ssh -R (for remote port forwarding)
(vnc security is really not so good)
--
WBR, i.m.chubin
_______________________________________________
Xen-users mailing list
Xen-users(a)lists.xensource.com
http://lists.xensource.com/xen-users
--
WBR, i.m.chubin
6:40 a.m.
New subject: [Libvir] Re: [Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
Glen Deem schrieb:
Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc
server
was listening but I did not connect to its proper port (why libvirt
doesn't use <IP>:<domU id> kind of vnc connection and restricts the
server to local host only by default?).
This is defined in xend-config.sxp as
(vnc-listen '127.0.0.1')
I think its a security issue if vncviewer listens to 0.0.0.0 by default.
greetings
Stephan
6381
days inactive
6383
days old
4 comments
4 participants
participants (4)
-
Daniel P. Berrange -
Glen Deem -
Igor Chubin -
Stephan Seitz