[ovirt-users] Re: vm console problem

David David <dd432690(a)gmail.com&gt; writes: > yes i have > console.vv attached It looks the same as mine. There is a difference in our logs, you have Possible auth 19 while I have Possible auth 2 So I still suspect a wrong authentication method is used, but I don't have any idea why. Regards, Milan > 2020-03-26 21:38 GMT+04:00, Milan Zamazal <mzamazal(a)redhat.com&gt;: >> David David <dd432690(a)gmail.com&gt; writes: >> >>> copied from qemu server all certs except "cacrl" to my desktop-station >>> into /etc/pki/ >> >> This is not needed, the CA certificate is included in console.vv and no >> other certificate should be needed. >> >>> but remote-viewer is still didn't work >> >> The log looks like remote-viewer is attempting certificate >> authentication rather than password authentication. Do you have >> password in console.vv? It should look like: >> >> [virt-viewer] >> type=vnc >> host=192.168.122.2 >> port=5900 >> password=fxLazJu6BUmL >> # Password is valid for 120 seconds. >> ... >> >> Regards, >> Milan >> >>> 2020-03-26 2:22 GMT+04:00, Nir Soffer <nsoffer(a)redhat.com&gt;: >>>> On Wed, Mar 25, 2020 at 12:45 PM David David <dd432690(a)gmail.com&gt; >>>> wrote: >>>>> >>>>> ovirt 4.3.8.2-1.el7 >>>>> gtk-vnc2-1.0.0-1.fc31.x86_64 >>>>> remote-viewer version 8.0-3.fc31 >>>>> >>>>> can't open vm console by remote-viewer >>>>> vm has vnc console protocol >>>>> when click on console button to connect to a vm, the remote-viewer >>>>> console disappear immediately >>>>> >>>>> remote-viewer debug in attachment >>>> >>>> You an issue with the certificates: >>>> >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.238: >>>> ../src/vncconnection.c Set credential 2 libvirt >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c Searching for certs in /etc/pki >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c Searching for certs in /root/.pki >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c Failed to find certificate CA/cacert.pem >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c No CA certificate provided, using GNUTLS global >>>> trust >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c Failed to find certificate CA/cacrl.pem >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c Failed to find certificate >>>> libvirt/private/clientkey.pem >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c Failed to find certificate >>>> libvirt/clientcert.pem >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c Waiting for missing credentials >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c Got all credentials >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.239: >>>> ../src/vncconnection.c No CA certificate provided; trying the system >>>> trust store instead >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: >>>> ../src/vncconnection.c Using the system trust store and CRL >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: >>>> ../src/vncconnection.c No client cert or key provided >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.240: >>>> ../src/vncconnection.c No CA revocation list provided >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.241: >>>> ../src/vncconnection.c Handshake was blocking >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.243: >>>> ../src/vncconnection.c Handshake was blocking >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.251: >>>> ../src/vncconnection.c Handshake was blocking >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: >>>> ../src/vncconnection.c Handshake done >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.298: >>>> ../src/vncconnection.c Validating >>>> (remote-viewer:2721): gtk-vnc-DEBUG: 11:56:25.301: >>>> ../src/vncconnection.c Error: The certificate is not trusted >>>> >>>> Adding people that may know more about this. >>>> >>>> Nir >>>> >>>> >> >>