This patch adds support for expiring passwords to vnc. It adds a new
vnc_display_pw_expire() function which specifies the time when the
password will expire.
Signed-off-by: Gerd Hoffmann
---
console.h |1 +
qemu-common.h |3 +++
ui/vnc.c | 14 ++
ui/vnc.h |
On 11/17/2010 04:23 AM, Gerd Hoffmann wrote:
But the later let's a management tool implement arbitrarily complex
expiration policies.
Hmm, we could do this:
set-password $protocol $secret
expire-password $protocol [ now | never | $seconds ]
Comments?
I would be happy with this. I don't mi
Hi,
Having an expiration policy builtin to QEMU (as
opposed to libvirt) seems like the wrong place.
IMHO it doesn't build policy into qemu. It is still up to libvirt (or
the management app building on top of libvirt) to decide if and when
the password will expire.
Except if you want to can
On 11/11/2010 05:39 AM, Gerd Hoffmann wrote:
Hi,
If anything goes wrong in the mgmt tool at step 2 though,
then it may never to step 3, leaving the VNC server accessible.
I think the point is that you can expire the password by just changing
it through the monitor.
Well, you can't really
Hi,
If anything goes wrong in the mgmt tool at step 2 though,
then it may never to step 3, leaving the VNC server accessible.
I think the point is that you can expire the password by just changing
it through the monitor.
Well, you can't really expire it, you can only set it to $randomvalue
On 11/09/2010 07:42 AM, Gerd Hoffmann wrote:
are available in the git repository at:
git://anongit.freedesktop.org/spice/qemu passwd.2
Ping? What is the status here?
My view is that it's wrong for QEMU because it's a specific management
policy that isn't generally useful. It can be easily
On 10/08/2010 05:08 AM, Daniel P. Berrange wrote:
On Thu, Oct 07, 2010 at 02:53:05PM -0500, Anthony Liguori wrote:
On 10/07/2010 06:15 AM, Gerd Hoffmann wrote:
This patch adds support for expiring passwords to vnc. It adds a new
lifetime parameter to the vnc_display_password() functi
On 11/02/10 12:15, Gerd Hoffmann wrote:
Hi,
How does password expiration help with security at all?
VNC passwords are obviously rather weak, so if you can limit
the time the password is valid to the window in which you
are expecting the incoming VNC connection this limits the
time to attack
Hi,
How does password expiration help with security at all?
VNC passwords are obviously rather weak, so if you can limit
the time the password is valid to the window in which you
are expecting the incoming VNC connection this limits the
time to attack the VNC password. A mgmt tool could do
On Thu, Oct 07, 2010 at 02:53:05PM -0500, Anthony Liguori wrote:
> On 10/07/2010 06:15 AM, Gerd Hoffmann wrote:
> >This patch adds support for expiring passwords to vnc. It adds a new
> >lifetime parameter to the vnc_display_password() function, which
> >specifies the number of seconds the new pas
On 10/07/2010 06:15 AM, Gerd Hoffmann wrote:
This patch adds support for expiring passwords to vnc. It adds a new
lifetime parameter to the vnc_display_password() function, which
specifies the number of seconds the new password will be valid. Passing
zero as lifetime maintains current behavior
This patch adds support for expiring passwords to vnc. It adds a new
lifetime parameter to the vnc_display_password() function, which
specifies the number of seconds the new password will be valid. Passing
zero as lifetime maintains current behavior (password never expires).
Signed-off-by: Gerd
12 matches
Mail list logo
