Description of problem: Boot up a VM and execute monitor command "change vnc password", re-connect vnc port, but there is no authentication. Version-Release number of selected component (if applicable): kvm version: kvm-83-193.el5 How reproducible: 100% Steps to Reproduce: 1. boot up a guest 2. change vnc password 3. re-connect vnc port Actual results: no password authentication Expected results: need password authentication Additional info: # qemu-kvm -name 'vm1' -serial unix:'/tmp/serial-20100914-202648-KKQu',server,nowait -drive file='/home/devel/autotest/client/tests/kvm/images/win7-64-virtio.qcow2',index=0,if=virtio,media=disk,cache=none,boot=on,format=qcow2 -net nic,vlan=0,model=virtio,macaddr='02:8F:F3:8D:9e:1e' -net tap,vlan=0,ifname='virtio_0_8000',script='/home/devel/autotest/client/tests/kvm/scripts/qemu-ifup-switch',downscript='no' -m 3000 -smp 2 -drive file='/home/devel/autotest/client/tests/kvm/isos/windows/winutils.iso',media=cdrom,index=1 -cpu qemu64,+x2apic -soundhw ac97 -redir tcp:5000::10023 -vnc :0 -rtc-td-hack -M rhel5.5.0 -usbdevice tablet
Use '-vnc :0,password' to turn on password authentication.
(In reply to comment #1) > Use '-vnc :0,password' to turn on password authentication. Hi Hoffmann, When I boot up guest with '-vnc :0' (without ',password') in RHEL6, the authentication also works. I'm not sure if it's normal.
Yes, the upstream qemu behavior has changed at some point that setting a password implicitly turns on password authentication. RHEL-5 has the old behavior, RHEL-6 the new. If you want a password-protected vnc session you are better explicitly say so using the password flag even in RHEL-6, otherwise there is a window (between starting qemu and setting the password) where it is possible to connect without authentication. IMHO there is no good reason to make RHEL-5 match RHEL-6 behaviour, so I'll rather leave it as-is to avoid unpleasant surprises.