Open ssbaksa opened 2 years ago
I personally use TCP with the SASL passwd mechanism. I have never used TLS. I may research how to do it.
Also, you may take a look at https://avdv.github.io/libvirt/auth.html:

> The plain TCP socket of the libvirt daemon defaults to using SASL for authentication. The SASL mechanism configured by default is DIGEST-MD5, which provides a basic username+password style authentication. It also provides for encryption of the data stream, so the security of the plain TCP socket is on a par with that of the TLS socket. If desired the UNIX socket and TLS socket can also have SASL enabled by setting the auth_unix_ro, auth_unix_rw, auth_tls config params in libvirt.conf.
Me too, but I had some strange issues with compute-to-compute server communication and decided to try a new approach. I have seen that page, and SASL is the default for all of my servers (16 at this moment, 5 in the preparation process).
The pages below have been the starting points for investigating how to use TLS, and it works like a charm with the command-line tool (virsh).
https://wiki.libvirt.org/page/TLSSetup#Setting_up_libvirt_for_TLS_.28Encryption_.26_Authentication.29
https://libvirt.org/kbase/tlscerts.html
I had thought that since there is a tab for a TLS connection when adding a compute server, this was an already tested but undocumented feature.
If you need any help with testing, just ping me. I am now testing how to add TLS to the GUI (Virtual Machine Manager) and different ways of TLS generation.
Hi,
This isn't a bug but more of a help request.
I am using WebVirt in a Docker environment, and it is a great way of doing so, but I have decided to test TLS as the connection method. Where do you propose keeping the certificate files? I am not sure even with an ordinary installation where to put them. It is easy with libvirt/virsh because you keep all of them under the /etc/pki structure and it works as it should.
Also, in the TLS tab there are username and password fields. What if I want to use only certificates without SASL? Is that possible with the current version of WebVirt? I know that certs + login & password is the more secure way, but ...
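A layout check for the libvirt certificate directory the question refers to, as an added example that is not part of this issue thread or of the WebVirt project. It assumes libvirt's documented default file names under a PKI root (/etc/pki by default, or whatever directory is bind-mounted into a container) and flags missing files, files with the wrong PEM type, and private keys readable by group or others.

```python
import os
import stat

# Relative path under the PKI root -> PEM block type expected in that file.
# These are libvirt's documented default locations; server files are only
# needed on a host that accepts TLS connections, not on a pure client.
CLIENT_FILES = {
    "CA/cacert.pem": "CERTIFICATE",
    "libvirt/clientcert.pem": "CERTIFICATE",
    "libvirt/private/clientkey.pem": "PRIVATE KEY",
}
SERVER_FILES = {
    "libvirt/servercert.pem": "CERTIFICATE",
    "libvirt/private/serverkey.pem": "PRIVATE KEY",
}


def _pem_type(path):
    """Return the type named in the first '-----BEGIN ...-----' line, or None."""
    with open(path, "rb") as fh:
        for raw in fh:
            line = raw.strip()
            if line.startswith(b"-----BEGIN ") and line.endswith(b"-----"):
                return line[len(b"-----BEGIN "):-5].decode("ascii", "replace")
    return None


def check_pki_layout(root="/etc/pki", server=False):
    """Return a list of problems; an empty list means the layout looks sane."""
    problems = []
    expected = dict(CLIENT_FILES)
    if server:
        expected.update(SERVER_FILES)
    for rel, want in expected.items():
        path = os.path.join(root, rel)
        if not os.path.isfile(path):
            problems.append(f"missing: {path}")
            continue
        got = _pem_type(path)
        # "RSA PRIVATE KEY" / "EC PRIVATE KEY" headers also count as keys.
        if got is None or not got.endswith(want):
            problems.append(f"{path}: expected {want} PEM, found {got}")
        if want == "PRIVATE KEY":
            mode = stat.S_IMODE(os.stat(path).st_mode)
            if mode & (stat.S_IRWXG | stat.S_IRWXO):
                problems.append(f"{path}: mode {mode:04o} is group/world accessible")
    return problems


if __name__ == "__main__":
    import sys
    found = check_pki_layout(sys.argv[1] if len(sys.argv) > 1 else "/etc/pki")
    print("\n".join(found) or "OK")
```

Run it against the directory you intend to mount into the container (for example `python3 check_pki.py /srv/webvirt/pki`, a constructed path) before pointing the TLS tab at it; the same check with `server=True` covers a compute host's server pair.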