On Thu, Jun 11, 2009 at 04:05:39AM -0400, Jim Paris wrote: > Daniel P. Berrange wrote: > > On Mon, Jun 08, 2009 at 11:35:00AM +0200, Christian Weyermann wrote: > > > Hello everybody, > > > > > > I encountered the following problem. I want my users to only be able to > > > connect to their own virtual machines via VNC. Is there any way to do so? > > > > The VNC authentication setup is currently being done per-host, so there > > is no way to define ACLs per-(user,vm) tuple as you describe. > > What about the VNC password? > That's per-VM, isn't it? With KVM/QEMU, you can set a VNC password per VM. But I think it is either/or though; you can use VNC with passwords (no encryption), or use VNC with TLS, which is encrypted, but anyone with a valid certificate can connect (to any VM). Someone correct me if I'm wrong on that. -- Garry Dolley ARP Networks, Inc. | http://www.arpnetworks.com | (818) 206-0181 Data center, VPS, and IP Transit solutions Member Los Angeles County REACT, Unit 336 | WQGK336 Blog http://scie.nti.st -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list