[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4) |
Date: |
Mon, 9 Mar 2009 09:51:36 +0000 |
User-agent: |
Mutt/1.4.1i |
On Fri, Mar 06, 2009 at 02:30:06PM -0600, Anthony Liguori wrote:
> Daniel P. Berrange wrote:
> >Previously I provided patches for QEMU's VNC server to support SSL/TLS
> >and x509 certificates. This provides good encryption capabilities for
> >the VNC session. It doesn't really address the authentication problem
> >though.
> >
> >I have been working to create a new authentication type in the RFB
> >protocol to address this need in a generic, extendable way, by mapping
> >the SASL API into the RFB protocol. Since SASL is a generic plugin
> >based API, this will allow use of a huge range of auth mechanims over
> >VNC, without us having to add any more auth code. For example, PAM,
> >Digest-MD5, GSSAPI/Kerberos, One-time key/password, LDAP password
> >lookup, SQL db password lookup, and more.
> >
> >I have got a VNC auth type assigned by the RFB spec maintainers:
> >
> > http://realvnc.com/pipermail/vnc-list/2008-December/059463.html
> >
>
> Applied 1-8. I'd like to wait on 9.
Thanks, I've no problem waiting for a better solution to #9 - it was
merely a basic proof of concept which I wasn't all that happy with.
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
- Re: [Qemu-devel] PATCH: 2/9: Enhance 'info vnc' monitor output, (continued)
- Re: [Qemu-devel] PATCH: 2/9: Enhance 'info vnc' monitor output, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 3/9: Refactor keymap code to avoid duplication, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 4/9: Move VNC structs into header file, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 5/9: Move TLS auth into separate file, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 6/9: Add SASL authentication support, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 7/9: Include auth credentials in 'info vnc', Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 8/9: Support ACLs for controlling VNC access, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 9/9: Persist ACLs in external files, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4), Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4), Anthony Liguori, 2009/03/06
- Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4),
Daniel P. Berrange <=