[pve-devel] I am only able to open one spice console

Alexandre DERUMIER aderumier at odiso.com
Thu Jun 27 08:12:52 CEST 2013


Another point, if we download a vnc config file (like for spice), to open remote-viewer,
I think the password must but in clear in config file ?
(so maybe do we need to crypt it, and patch qemu to decrypt it before doing the sasl auth ?)



----- Mail original ----- 

De: "Dietmar Maurer" <dietmar at proxmox.com> 
À: "Alexandre DERUMIER" <aderumier at odiso.com> 
Cc: pve-devel at pve.proxmox.com 
Envoyé: Jeudi 27 Juin 2013 08:05:28 
Objet: RE: I am only able to open one spice console 

> >>I wonder If we should use SASL for our auth framework. I guess that 
> >>would make it easier to use with qemu ? 
> 
> Yes that could be great. I don't known if we can make it work with any 
> authentification (like ldap for example). Maybe through pamd ? 
> I don't have touch sasl since a long time ago. 

I guess saslauthd supports more methods than we have: 

# Which authentication mechanisms should saslauthd use? (default: pam) 
# 
# Available options in this Debian package: 
# getpwent -- use the getpwent() library function 
# kerberos5 -- use Kerberos 5 
# pam -- use PAM 
# rimap -- use a remote IMAP server 
# shadow -- use the local shadow password file 
# sasldb -- use the local sasldb database file 
# ldap -- use LDAP (configuration is in /etc/saslauthd.conf) 

... 



More information about the pve-devel mailing list