Glen Deem
2007-Jun-01 15:03 UTC
[Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc server was listening but I did not connect to its proper port (why libvirt doesn''t use <IP>:<domU id> kind of vnc connection and restricts the server to local host only by default?). Regards, Glen On 5/31/07, Glen Deem <xen.inbox@XXXXXXXXX> wrote:> Hi all, > > I''ve created an HVM guest under RHES 5 (Xen 3.0.3) using "xm create" > but I cannot access it with vncviewer. > > The Virtual Machine Manager also informs about graphics console unavailability. > > What am I doing wrong, please? > > I do > > vncviewer 123.456.789.123:4, > where 4 is the guest id. > > This is the xm config file is: > > name = "hvmGuest" > builder = "hvm" > memory = "500" > disk = [ ''file:/var/lib/red-hat.img,hda,w'', ] > vif = [ ''type=ioemu, mac=00:16:3e:34:3b:ba, bridge=xenbr0'', ] > device_model = "/usr/lib/xen/bin/qemu-dm" > kernel = "/usr/lib/xen/boot/hvmloader" > vnc=1 > vncunused=1 > apic=1 > acpi=1 > pae=1 > vcpus=1 > serial = "pty" > on_reboot = ''restart'' > on_crash = ''restart'' > > Thanks a lot in advance. > > Glen from Ottawa, Canada >_______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Daniel P. Berrange
2007-Jun-01 15:09 UTC
Re: [Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
On Fri, Jun 01, 2007 at 11:03:36AM -0400, Glen Deem wrote:> Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc server > was listening but I did not connect to its proper port (why libvirt > doesn''t use <IP>:<domU id> kind of vnc connection and restricts the > server to local host only by default?).VNC authentication is an utter joke. It can be trivially brute forced so exposing it on a public IP address is not a good idea, hence the default is 127.0.0.1, though even that''s not ideal because it is still exposed to local users. Ultimately VNC needs to have SSL/TLS support integrated into it to allow secure access over public network, which is something I''m working on for QEMU... Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=| _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Igor Chubin
2007-Jun-01 15:11 UTC
Re: [Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
On Fr, Jun 01, 2007 at 11:03:36 -0400, Glen Deem wrote:> Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc server > was listening but I did not connect to its proper port (why libvirt > doesn''t use <IP>:<domU id> kind of vnc connection and restricts the > server to local host only by default?). >AFAIK you can edit xend-config.sxl, restart xend and it will be listening not only on the localhost. -- WBR, i.m.chubin _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Igor Chubin
2007-Jun-01 15:15 UTC
Re: [Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
On Fr, Jun 01, 2007 at 06:11:22 +0300, Igor Chubin wrote:> On Fr, Jun 01, 2007 at 11:03:36 -0400, Glen Deem wrote: > > Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc server > > was listening but I did not connect to its proper port (why libvirt > > doesn''t use <IP>:<domU id> kind of vnc connection and restricts the > > server to local host only by default?). > > > > AFAIK you can edit xend-config.sxl, restart xend and > it will be listening not only on the localhost. >Also you can use ssh port forwarding. You can read about in ssh(1). ssh -L (for local port forwarding) and ssh -R (for remote port forwarding) (vnc security is really not so good)> -- > WBR, i.m.chubin > > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users-- WBR, i.m.chubin _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Stephan Seitz
2007-Jun-03 11:40 UTC
Re: [Xen-users] SOLVED Re: cannot use vncviewer and VMM graphics console to access HVM guest on RHES 5
Glen Deem schrieb:> Thanks to Igor Chubin (spasibo) and Richard Jones, the qemu vnc server > was listening but I did not connect to its proper port (why libvirt > doesn''t use <IP>:<domU id> kind of vnc connection and restricts the > server to local host only by default?). >This is defined in xend-config.sxp as (vnc-listen ''127.0.0.1'') I think its a security issue if vncviewer listens to 0.0.0.0 by default. greetings Stephan _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users