| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] Allowing vnc to a domU on xen 3.2
If you want to limit subnets, your best bet is to use iptables to prevent
unauthorized IPs from logging in.
In order to get VNC to listen on all of your interfaces, you may need to modify
the guest configurations, as well - some of them may specify 127.0.0.1 in
addition to it being the xend-config.sxp file. Look at the config files for
your domUs and make sure they're set correctly.
After that, you can use vncviewer localhost:<portnumber> on the local Xen
machine, or VNC Viewer from another machine to connect.
-Nick
>>> On Mon, Feb 9, 2009 at 8:26 AM, James Pifer <jep@xxxxxxxxxxxxxxxx> wrote:
> I'm running xen-3.2.0_16718_18-0.3. How do you allow someone to vnc to a
> specific domU?
>
> I changed xend-config.sxp to have:
> (vnc-listen '0.0.0.0')
>
> So this enables vnc listen on all interfaces, right?
>
> Is there a way to limit what subnets or ip's are allowed?
>
> There's also a vncpasswd setting. Does it use the same password on all
> the domU's?
>
> Next, how do you enable it in the domU since this version of xen stores
> all of this in the xenstore? So if I do an xm list -l of a domU I get
> the config shown at the bottom. I think vnc is already enabled, but how
> do I get to this domU with vncviewer?
>
> Thanks,
> James
>
>
> (domain
> (domid 22)
> (on_crash destroy)
> (uuid 5f14eff8-d651-8f86-0d45-b032cb9d9c49)
> (bootloader_args )
> (vcpus 1)
> (name server1)
> (on_poweroff destroy)
> (on_reboot restart)
> (bootloader )
> (maxmem 2048)
> (memory 2048)
> (shadow_memory 17)
> (features )
> (on_xend_start ignore)
> (on_xend_stop ignore)
> (start_time 1234031524.34)
> (cpu_time 4421.91163849)
> (online_vcpus 1)
> (image
> (hvm
> (kernel /usr/lib/xen/boot/hvmloader)
> (hpet 0)
> (stdvga 0)
> (extid 0)
> (serial pty)
> (vncunused 1)
> (boot c)
> (rtc_timeoffset -18000)
> (pci ())
> (pae 1)
> (hap 1)
> (acpi 1)
> (localtime 1)
> (timer_mode 0)
> (vnc 1)
> (nographic 0)
> (guest_os_type default)
> (apic 1)
> (monitor 0)
> (usbdevice tablet)
> (device_model /usr/lib/xen/bin/qemu-dm)
> (usb 1)
> (xauthority //.Xauthority)
> (isa 0)
> (notes (SUSPEND_CANCEL 1))
> )
> )
> (status 2)
> (state -b----)
> (store_mfn 524286)
> (device
> (vif
> (uuid 1c455b73-650c-3173-ee4d-8a24624688ea)
> (script vif-bridge)
> (mac 00:16:3e:46:17:53)
> (model rtl8139)
> (type ioemu)
> (backend 0)
> )
> )
> (device
> (vbd
> (uname file:/var/lib/xen/images/dvstserver/disk0)
> (uuid 76ddddd5-1e1d-8167-6712-234f98bd446b)
> (mode w)
> (dev hda:disk)
> (backend 0)
> (bootable 1)
> )
> )
> (device
> (vfb
> (vncunused 1)
> (type vnc)
> (uuid 4abc3949-ab97-562f-9341-ea00ea133de1)
> (location localhost:5900)
> )
> )
> (device
> (console
> (protocol vt100)
> (location 3)
> (uuid e66caf6f-b3ac-1167-b386-abeed533817f)
> )
> )
> )
This e-mail may contain confidential and privileged material for the sole use
of the intended recipient. If this email is not intended for you, or you are
not responsible for the delivery of this message to the intended recipient,
please note that this message may contain SEAKR Engineering (SEAKR)
Privileged/Proprietary Information. In such a case, you are strictly
prohibited from downloading, photocopying, distributing or otherwise using this
message, its contents or attachments in any way. If you have received this
message in error, please notify us immediately by replying to this e-mail and
delete the message from your mailbox. Information contained in this message
that does not relate to the business of SEAKR is neither endorsed by nor
attributable to SEAKR.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home