Re: [Qemu-devel] [PATCH] let management expire vnc password

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] let management expire vnc password

From:	Anthony Liguori
Subject:	Re: [Qemu-devel] [PATCH] let management expire vnc password
Date:	Fri, 02 Oct 2009 08:44:09 -0500
User-agent:	Thunderbird 2.0.0.23 (X11/20090825)

Daniel P. Berrange wrote:

I think it is a pretty valid use case, though I don't like the proposed
implementation. In essence it is implementing one-time-passwords instead
of multi-use passwords and both of those are reasonable concepts. Having
to implement one-time passwords using multi-use passwords + iptables is
a really bad, over complicated hack, particularly considering how trivial
this is todo in QEMU.

In terms of impl though, rather than having separate a 'expire_password'
command, I think  it would be preferrable to have alternative syntax for

setting initial credentials

    change vnc passwd     (for multi-use passwords)
    change vnc otp        (for single-use passwords)

Or, extend the existing 'change vnc passwd' command to allow optional
flags as a 4th argument.

     change vnc passwd otp

A one time password does make a bit more sense to me but I wonder ifthat still satisfies the use case.


Regards,

Anthony Liguori

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH] let management expire vnc password, Daniel P. Berrange, 2009/10/02
- Re: [Qemu-devel] [PATCH] let management expire vnc password, Anthony Liguori <=
  - Re: [Qemu-devel] [PATCH] let management expire vnc password, Jamie Lokier, 2009/10/02

Prev by Date: Re: [Qemu-devel] [PATCH 00/25] pci: various pci clean up and pci express support. V2
Next by Date: Re: [Qemu-devel] [PATCH v1 00/14]: Initial QObject conversion
Previous by thread: Re: [Qemu-devel] [PATCH] let management expire vnc password
Next by thread: Re: [Qemu-devel] [PATCH] let management expire vnc password
Index(es):
- Date
- Thread