Disable_spice_password.rst 1.53 KB
Newer Older
Francesc Guasch's avatar
Francesc Guasch committed
1
2
3
4
Disable Spice Password
======================

When the users start a virtual machine, a password is defined for the spice connection.
Francesc Guasch's avatar
Francesc Guasch committed
5
This can be disabled for a given network or in the main settings.
Francesc Guasch's avatar
Francesc Guasch committed
6

Francesc Guasch's avatar
Francesc Guasch committed
7
8
9
10
11
If you want to disable Spice passwords for all the virtual machines in all the networks,
disable it in *Admin Tools* , then *Settings*. The option is *Display Password*.

Follow the next guide if you want to disable the display password only for clients
that access from some networks.
Francesc Guasch's avatar
Francesc Guasch committed
12
13
14
15

Define the network
------------------

Francesc Guasch's avatar
Francesc Guasch committed
16
17
18
19
20
21
22
Choose the *Admin Tools* option *Networks*. Create a new network and enable the settings
that suit you best.

.. figure:: images/new_network.jpg
    :alt: New network form

    New network form
Francesc Guasch's avatar
Francesc Guasch committed
23

Francesc Guasch's avatar
Francesc Guasch committed
24
25
26
    Set a name for this network definition, you may want to allow access without
    client password. Enable *all machines* so users from this network can access the
    virtual machines.
Francesc Guasch's avatar
Francesc Guasch committed
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46


Applying settings
-----------------

This settings applies on starting a new virtual machine. So running virtual machines
will keep the former settings. Shutting them down and up will trigger the new
configuration.

Default setting
---------------

Any other network requires password as defined by the '0.0.0.0/0' network setting.

Why is that ?
-------------

Ravada opens SPICE connections and manages iptables to make sure no one can
connect to another user's virtual machine. This is also enforced through the
password setting. Please consider disabling it only in controlled, seat-unique ip
Francesc Guasch's avatar
Francesc Guasch committed
47
environments. Configuring SPICE-TLS is recommended.