Hi Sahid, this is intentional by upstream, see [1] To quote the most important part: "... SCRAM mechanism, however, note that this does not provide encryption, so the SCRAM mechanism can only be used on the libvirtd TLS listener ..."
For TCP you have to use either the outdated/deprecated/non-recommended DIGEST-MD5 (as you foudn working). Or (much better) set up for GSSAPI (which therefore also is the default in the config). For that setup [2] you need to configure kerberos [3]. Maybe the upstream error message could be better, but the TL;DR is TCP+SCARM is not intended to work. [1]: https://libvirt.org/auth.html#ACL_server_sasl [2]: https://libvirt.org/auth.html#ACL_server_kerberos [3]: https://help.ubuntu.com/lts/serverguide/kerberos.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1835427 Title: sasl authentication fails when using mech scram-sha-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1835427/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
