On 7/1/22 08:39, Dietmar Maurer wrote:
addendum:
'it doesn't do anything here' is not completely correct
for 'regular' vm displays it just does not set the ticket which
breaks the connection
I think this ("break the connection") is important, because otherwise it would
allow unecrypted VNC traffic over the network. I guess we do not want that.
But qemu now supports more VNC auth types, so maybe we can allow TLS encrypted
VNC from outside, and unecrypted VNC for local proxy code.
I will take a look at that when I am back from vacation...
i don't understand your message.. not setting the Ticket here does not allow unencrypted VNC
traffic? in 'qm vncproxy' we die if the ticket is not set, and even if we'd not,
the vnc server from qemu does not listen on a public ip, but on 127.0.0.1 (or
::1)
but yeah, we can look at that after your vacation ;)
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
