noVNC requires password authentication

Registered by pandatt on 2018-11-15

At present, whoever gets the noVNC Console URL can access to a specified VM. Obviously, the current novVNC lacks necessary protection from unwelocom guests.

To solve this security issue, i propose a Password Authentication for noVNC Console.

Blueprint information

Status:
Started
Approver:
Balazs Gibizer
Priority:
Undefined
Drafter:
pandatt
Direction:
Approved
Assignee:
pandatt
Definition:
Approved
Series goal:
Accepted for wallaby
Implementation:
Needs Code Review
Milestone target:
milestone icon wallaby-3
Started by
Eric Fried on 2020-02-17

Related branches

Sprints

Whiteboard

This would be an API change, so you would need to propose a spec for this. Please see the documentation for more details: https://docs.openstack.org/nova/latest/contributor/blueprints.html. -- melwitt 20190117

Gerrit topic: https://review.opendev.org/#/q/topic:623120

Addressed by: https://review.opendev.org/623120
    Proposal for a safer noVNC console with password authentication

[efried 20200214] Spec approved

[efried 20200220] Agreed in the Nova meeting to Direction:Approve all Definition:Approved blueprints http://eavesdrop.openstack.org/meetings/nova/2020/nova.2020-02-20-14.00.log.html#l-131

Gerrit topic: https://review.opendev.org/#/q/topic:bp/nova-support-webvnc-with-password-anthentication

Addressed by: https://review.opendev.org/622336
    WIP: nova supports password encrypted VNC

Addressed by: https://review.opendev.org/719720
    Re-proposes 'Proposal for a safer remote console with password authentication'

[gibi 20200414] we hit feature freeze in Ussuri, so it is deferred to Victoria
[gibi 20200518] spec approved for Victoria
[gibi 20200928] as we hit feature freeze I'm deferring this from Victoria

Addressed by: https://review.opendev.org/759828
    Re-proposes 'Proposal for a safer remote console with password authentication

[gibi 20201203] spec was merged for wallaby, so the bp is retargeted to wallaby

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.