enable "auth_schemes" "vencrypt" to enable cert based auth between novncproxy and qemu
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla-ansible |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
config reference:
https:/
to prevent direct access to the qemu-console cert based auth should be used.
Todo: find out which certs to use for this, maybe something already present can be reused here.
[vnc]vencrypt_
a user reported this as a possible (security) bug via IRC.
currently it is possible to connect to any vnc session with any vnc client by just pointing the client at the port/ip combination.
depending on your point of view this might be viewed as a security bug, but as the information is already publicly available both in code as in the IRC chatlogs I choose not to open a private bug for this.
Changed in kolla-ansible: | |
status: | New → Confirmed |