I would like to allow users to install their own paravirtualized DomUs using tools like virt-install. one way to make this possible is to give the users access to the vnc console that the pvfb driver enables. The question is this: how do I secure access to this? from what I read of vnc security, simply leaving it open isn''t much of an option. I could setup a second machine that my users would have to setup a ssh tunnel through to get to it, but that removes some of the "easy and intuitive to use" bit that the vnc console provides. (not that this is unacceptable; my entire business model has been that there are people that know what they are doing, and that those people are an undeserved market... right now, I require all my customers to understand how to generate and send me a OpenSSH public keys... still, the easier, the better.) So yeah, is anyone else opening the vnc console to customers? how do you go about securing it? _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users