Setting Remote Desktop access password in KVM - desktop

I am using KVM with libvirt for virtualization. I can access remote desktop of my vm's without any password. I want to set a Password for each vm access. I am using vinagre : for remote desktop access.
Thanks in advance.

In libvirt:
Add Hardware
Select Graphics
Select VNC Server
Set Password

You can edit your domain xml directly like this:
# virsh edit <your-domain-name>
edit the element and add attribute passwd like this:
<graphics type='vnc' passwd='foo'>
You can get more options from the article libvirt domain xml format

Related

Digital Ocean, how can i secure my SSH connections?

I'm new to this online server area, all I've done so far is create a server on Digital Ocean using Ubuntu 20.04 operating system with LAMP library (apache2) installed.
Currently I use Putty to access the server's command line (I use private key ssh authentication files).
When I put the domain URL or IP, enter port 22, and click "Open connection", the application automatically manages to connect to the server asking for login and password.
Pretty simple isn't it? My concern is that anyone who has the least knowledge can come across the gateway to my server, just that he has the login and password to access.
But when I try to connect with putty on sites like stackoverflow.com, google.com, facebook.com and among others, putty doesn't give me the opportunity to type the login.
Knowing this, how do I secure my server so that it can act in the same way as the aforementioned sites?
You could add some sort of VPN and whitelist a select amount of IP addresses able to access your server. This would add an extra layer of security.

Customizing the API Manager URL(s) - Windows

So i'm trying to change the default URL for WSO2 features i.e. Publisher, Carbon, Store from localhost to, lets say, myDomain.com.
I've looked for it in the WSO2 documentation but i keep finding this article over and over again
https://docs.wso2.com/display/AM210/Customize+the+API+Store+and+Gateway+URLs
The problem with this is that it has linux-based (i suppose) commands listed that cannot be applied to windows.
I've also tried to change the host < HostName > and < MGT HostName > tags in the carbon.xml of the WSO2 product but it does not respond and display the page AT ALL! just works with the localhost. thats it
Any ideas or options for the windows end? Thanks
1) Yes, the commands given in the doc are for linux. But what those commands do is installing nginx. So you can ignore those commands, and install nginx in windows.
NGinx configurations given in the doc will be the same for any OS.
2) If you add a hostname to <HostName> and <MGT HostName> tags, you need to have IP to hostname mapping somewhere. I think there is a host file in windows for that.

WSO2 EMM emm-agent-android download

I have successefully installed WSO2 EMM.
Now, i want to download the emm-agent-android app.
I accessed from my adroid device to my_url:9443/emm -> Device management and i clicked on "Enroll a device" button.
I got this follewed url : my_url:9443/emm/api/device_enroll that i accessed from may device and i clicked on "Download Agent" button.
I got be then redirected to the url: http://my_url:9763/emm/client_app/emm-agent-android.apk web page not found
So I change the url to https://my_url:9443/emm/client_app/emm-agent-android.apk
The download starts but with failure what is the problem?
I assume you have logged to the EMM console using admin / tenant admin credentials for at-least once. If the everything works fine the address to download the agent should be something like "http://10.100.5.37:9763/emm/client_app/emm-agent-android.apk". Make sure you have the client app in "/repository/deployment/server/jaggeryapps/emm/client_app" folder. Try to invoke the download agent address directly from the browser without going through "https://my_url:9443/emm/api/device_enroll". You can not download the agent from "https" endpoint unless the SSL setup is configured properly.
I have checked that the emm-agent-android.apk is in "/repository/deployment/server/jaggeryapps/emm/client_app" but the url "http://my_ip:9763/emm/client_app/emm-agent-android.apk" not found
So I checked listening ports netstat | grep 9443 show lines but nestat|grep 9763 display nothing Is there config file to edit?
Is your Device and the Server in the same network? (Unless your server is hosted in a proper host and it has a public IP which you can access from anywhere)

Pyro.errors.ProtocolError: connection failed

I'm using OpenOPC library to connect to OPC servers. I can successfully write and read from my local Matrikon OPC server but when I try and read from another machine (different host) then I get the error Pyro.errors.ProtocolError: connection failed
My code for connection is here;
import OpenOPC
class OPC_tag_reader:
opc = OpenOPC.open_client('<remote host>')
#breaks here!!!!
def __init__(self):
print 'connecting to server'
self.opc.connect('Matrikon.OPC.Simulation.1', '<remote host')
The code does not get to the constructor.
Thanks!
OPC uses DCOM for communicating you need to perform the following steps to solve this issue.
Run the DCOM configuration utility by selecting Run from your Windows Start menu and type dcomcnfg.exe click on OK.
2.Expand Component Services, Computers and RightClick on the MyComputer and select Properties
Select the Tab Default Properties and Check the “Enable Distributed COM on this Computer”. The Default Authentication level should be Connect and the Default Impersonation level should be Identify. NOTE: Provide additional security for reference tracking should be unchecked.
Now select the COM Security Tab and under the Access Permissions section click on the Edit Defaults Button, Click on the Add… Button and add the user name (The newly created user name that is exactly same as that of user name on the server). After adding the New user select it and in the box below check the boxes to enable (Allow) Both Local Access and Remote Access.
For initial test purposes include Everyone in the Grant Access list.
On the machine where the server is add OpcEnum.exe to the firewall exception list
On the client machine's fire wall allow port 135 incoming coneciton
Note: For initial testing disable the firewall on both the server and the client .. :)
Note down the user ID and password of the windows user account under which the opc server is running and create the same user name and account on the remote machine (This is to establish trust between the two computers)

WMI access on a remote server (different domain)

I have been trying to make MySQL Workbench's Remote Server Administration to work with my WMI service installed on a Windows 2008 R2 server.
I would like to know if the following syntax is correct and sufficient in order to check if WMI access has been enabled on the server.
wmic /node:myserver.com /user:wmi_user /password:123456 systemenclosure get serialnumber
I have tried the above command from my home laptop however it gives "The RPC server is unavailable" error.
What I have done so far on the server:
User Account with WMI Rights
Created a separate user account for WMI access(user: wmi_user and it is a member of administrator group).
Enabled WMI traffic on the firewall using the following command:
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
netsh firewall set service RemoteAdmin enable
CIMOM settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\CIMOM\AllowAnonymousCallback change the value from 0 to 1.
UAC settings
I have adjusted the UAC for wmi_user to never notify.
DCOM settings
I've read on one article which mentions if the user is in the administrator group, there is no need to change this setting.
Please let me know if there's anything else I missed out. Thank you.