Installed patched build onto Maverick server. vnc_listen set to 0.0.0.0 in /etc/libvirt/qemu.conf
Set vnc_password=""' with vnc_tls=1 in /etc/libvirt/qemu.conf and confirmed that the lanched server now rejects authentication for any password, whereas it turned off authentication and encryption completely before. Hashed out vnc_password and left vnc_tls=1 in /etc/libvirt/qemu.conf. Confirmed that the server uses anonymous auth with TLS. Allows the user on without a password. qemu-kvm launched with -vnc 0.0.0.0:0,tls,x509=/etc/pki/libvirt-vnc Hashed out vnc_tls=1. Confirmed server allows direct access to VNC. qemu-kvm launched with -vnc 0.0.0.0:0 Set vnc_password="". Confirmed server rejects authentication for any password, with no encryption. Again previously it had just let the user on. qemu-kvm launched with -vnc 0.0.0.0:0,password set vnc_password="password". Confirmed server accepts authentication with that password. qemu-kvm launched with -vnc 0.0.0.0:0,password -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/697197 Title: Empty password allows access to VNC in libvirt -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
