Add the ability to specify a path to an ssh-agent socket in order to use
the ssh-agent to authenticate to remote ssh disks. Example
configuration:
  <disk type='network'>
    <source protocol='ssh' ...>
      <identity username='myusername'
                agentsock='/path/to/socket'/>
      ...
    </source>
    ...
  </disk>
Signed-off-by: Jonathon Jongsma <jjongsma(a)redhat.com>
Reviewed-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/formatdomain.rst | 13 ++++++++-----
src/conf/schemas/domaincommon.rng | 11 ++++++++---
2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index baa2fdce7d..714fee4fbf 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -3007,11 +3007,14 @@ paravirtualized driver is specified via the ``disk`` element.
are intended to be default, then the entire element may be omitted.
When using an ``ssh`` protocol, this element is used to enable
- authentication via ssh keys. In this configuration, the element has two
- attributes. The ``username`` attribute specifies the name of the user on
- the remote server and the ``keyfile`` attribute specifies the path to the
- keyfile. Note that this only works for ssh keys that are not
- password-protected.
+ authentication via ssh keys. In this configuration, the element has three
+ possible attributes. The ``username`` attribute is required and specifies
+ the name of the user on the remote server. ssh keys can be specified in
+ one of two ways. The first way is by adding them to an ssh-agent and
+ providing the path to the ssh-agent socket in the ``agentsock``
+ attribute. This method works for ssh keys with or without password
+ protection. Alternatively, for ssh keys without a password, the ssh key
+ can be specified directly by setting the ``keyfile`` attribute.
``reconnect``
For disk type ``vhostuser`` configures reconnect timeout if the connection
is lost. This is set with the two mandatory attributes ``enabled`` and
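Review bot: The new paragraph lists ``agentsock`` and ``keyfile`` among "three possible attributes" but never says whether they may be combined or both omitted, whereas the schema change in this same patch places them in a <choice>, so exactly one must be present. Suggest saying so directly, for example "Exactly one of ``agentsock`` or ``keyfile`` must be specified", and mentioning that both values must be absolute paths, since the RNG references absFilePath for each.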
diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincommon.rng
index 47c5ee2a31..d8dd1b8c69 100644
--- a/src/conf/schemas/domaincommon.rng
+++ b/src/conf/schemas/domaincommon.rng
@@ -2186,9 +2186,14 @@
<attribute name="username">
<ref name="genericName"/>
</attribute>
- <attribute name="keyfile">
- <ref name="absFilePath"/>
- </attribute>
+ <choice>
+ <attribute name="keyfile">
+ <ref name="absFilePath"/>
+ </attribute>
+ <attribute name="agentsock">
+ <ref name="absFilePath"/>
+ </attribute>
+ </choice>
</interleave>
</element>
</define>
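Review bot: The <choice> around keyfile and agentsock makes the schema reject an <identity> that carries only username as well as one that carries both attributes, but nothing in this patch shows the parser enforcing the same rule. The diffstat lists only docs/formatdomain.rst and domaincommon.rng, so please confirm that the matching parser validation and a test XML using agentsock land in the same series. Otherwise schema validation and the parser can disagree about which configurations are accepted.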
--
2.41.0