qemu-devel


Re: [Qemu-devel] [PATCH] let management expire vnc password


From: Dan Kenigsberg
Subject: Re: [Qemu-devel] [PATCH] let management expire vnc password
Date: Wed, 30 Sep 2009 18:45:54 +0200
User-agent: Mutt/1.5.19 (2009-01-05)

On Wed, Sep 30, 2009 at 09:43:13AM -0500, Anthony Liguori wrote:
> Dan Kenigsberg wrote:
>> On Wed, Sep 30, 2009 at 08:49:28AM -0500, Anthony Liguori wrote:
>>   
>>> Dan Kenigsberg wrote:
>>>     
>>>> After a client connects to vnc server, management may wish to expire the
>>>> vnc password, so that an attacker has less time to break into the vm.
>>>>         
>>> I don't understand what the use-case for this is.
>>>
>>> You want to basically lock out any new clients?  Can't you just set 
>>> the  password to something random?
>>>     
>>
>> Yes, and actually that's what we currently do. But having a random
>> password still opens a crack for guessing it.
>>   
>
> Is the requirement, prevent future clients from connecting to the vnc  
> server?  Essentially, disabling the vnc server?
>
> Could we do something more direct like add a 'vnc off' monitor command?   
> The nice thing about this approach is that we could add a flag to  
> disconnect all connected clients since someone else wanted that feature  
> in the past.
>

We would like to prevent future connection, but not to disconnect
existing ones.

> Can you explain the rationale for doing this though in a management  
> tool?  I'd like to better understand what sort of policy you're trying  
> to enforce.

The rationale is central management of access to virtual machines.

Normally, no vnc access to VMs is allowed. A user with enough
credentials may request the management tool for a short-lived
"ticket" to connect to a VM. If the user uses it, great. But after the
ticket expires, no further connections are allowed.

Regards,

Dan.



