On Mon, 1 Oct 2012 15:40:33 +0000 Dietmar Maurer <diet...@proxmox.com> wrote:
> > for pve-auth ? > > spicec client only send the password without login, I don't see how we can > > do > > this without hacking the client... > > So how is that expected to work? Authentication needs a user name, else it > does not make much sense? "In addition to encryption, the SPICE protocol allows for a choice of authentication schemes. The original SPICE protocol defined a ticket based authentication scheme using a shared secret. The server would generate an RSA public/private keypair and send its public key to the client. The client would encrypt the ticket (password) with the public key and send the result back to the server, which would decrypt and verify the ticket. The current SPICE protocol also allows for use of the SASL authentication protocol, thus enabling support for a wide range of admin configurable authentication mechanisms, in particular Kerberos" http://en.wikipedia.org/wiki/SPICE_(protocol) -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael <at> rasmussen <dot> cc http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD3C9A00E mir <at> datanom <dot> net http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE501F51C mir <at> miras <dot> org http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE3E80917 --------------------------------------------------------------
signature.asc
Description: PGP signature
_______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel