On Tue, Jul 31, 2007 at 08:46:49PM -0500, Anthony Liguori wrote:
Daniel P. Berrange wrote:
This patch introduces support for VNC protocols upto 3.8 and with
it, support for password based authentication. VNC's password based
authentication is not entirely secure, but it is a standard and the
RFB spec requires that all clients support it. The password can be
provided by using the monitor 'change vnc :1' and it will prompt for
a password to be entered. Passwords have upto 8 letters of context.
Pressing 'enter' without entering any characters disables password
auth in the server. NB, we need a custom copy of d3des here because
VNC uses a 'special' modification of the algorithm. This d3des code
is public domain & in all other VNC servers & clients.
I think it may be better to have a command to explicitly set the vnc
password. Issuing "change vnc :1" just to change the password is a
little awkward IMHO.
Ok I'll add a separate command for that - any preference for naming.
I thought about 'change vncpassword', but the 'change' command requires
2 args and we'd only have 1 here. Or if we think there may be other
devices/drivers which will have passwords in the future we could have
'change password vnc' as the command.