Hi Michael,

> - KVM starts
> - Time passes
> - Evil person connects (assuming passwords default to unset/empty or
> some well-known value)
> - Time passes
> - Ganeti connects via monitor/QMP and sets VNC/Spice password

I have been talking with folks on #kvm, and it turns out that if you start
SPICE without specifying a password AND without specifying ",disable_ticketing",
the SPICE server will refuse the connections. You have to specify either
a password or set "disable_ticketing", which means "connect w/o password".

In this case we don't specify "disable_ticketing", except if the user does not
provide a password, so we should be safe.

Thanks,
Andrea
