Re: [PATCH v3 3/6] virsh: Expose OpenSSH authorized key file mgmt APIs

The new virsh commands are: get-user-sshkeys set-user-sshkeys Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt; --- docs/manpages/virsh.rst | 38 ++++++++++ tools/virsh-domain.c | 164 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 202 insertions(+) diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst index bfd26e3120..543f62d429 100644 --- a/docs/manpages/virsh.rst +++ b/docs/manpages/virsh.rst

@@ -4004,6 +4019,29 @@ For QEMU/KVM, this requires the guest agent to be configured and running. +set-user-sshkeys +---------------- + +**Syntax:** + +:: + + set-user-sshkeys domain user [--file FILE] [{--reset | --remove}] + +Append keys read from *FILE* into *user*'sSSH authorized keys file in the guest

+*domain*. In the *FILE* keys must be on separate lines and each line must +follow authorized keys format as defined by *sshd(8)*. + +If *--reset* is specified, then the guest authorized keys file content is +removed before appending new keys. As a special case, if *--reset* is provided +and no *FILE* was provided then no new keys are added and the authorized keys +file is cleared out. + +If *--remove* is specified, then instead of adding any new keys then keys read +from *FILE* are removed from the authorized keys file. It is not considered an +error if the key does not exist in the file.