On Mon, Apr 15, 2013 at 11:31:08AM +0100, Daniel P. Berrange wrote:
> Yep, that would make it easier. Also if you did SSH key auth, but allowed
> passphrases to be passed in, instead of pulled from an agent (in the same way
> SSH does if no agent is running).
Because qemu is running as a different user (qemu.qemu) it most likely
won't have access to $HOME/.ssh/id_rsa, even assuming it knew which
$HOME to go to.
For ssh key auth, it would be helpful if both the raw key file
contents and the passphrase could be stored as libvirt secrets. Is
that possible?
If so, qemu can pass both to libssh2_userauth_publickey. Almost as in
this example: http://libssh2.org/examples/ssh2.html, combined with
looking at how libssh2_userauth_publickey_fromfile is implemented:
http://git.libssh2.org/?p=libssh2.git;a=blob;f=src/userauth.c;h=a0733d5da...
I'm also a bit concerned that the solution should be usable for
ordinary users. qemu -drive file=ssh://... currently Just Works.
----
Next questions:
- How should host_key_check be modelled via the libvirt XML / API?
- We want the user to be able to select different authentication
methods (at least, password, publickey, agent [insecurely]). How
would you see these being modelled in the API? Particularly since
these may require associated secret(s).
Rich.
--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones
Read my programming blog:
http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)
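The host_key_check question above asks how the option should be modelled, not what it does. As an added example (not qemu's or libvirt's code), the following shows the check itself, which any strict setting has to perform before a password, key or agent credential is sent: look the server's presented key up in an OpenSSH-style known_hosts file, including hashed hostname entries and @revoked lines, and report a fingerprint in the OpenSSH SHA256 format. The known_hosts content and the key blobs are constructed for the example; @cert-authority entries are assumed out of scope and skipped.

```python
"""Host key verification against a known_hosts file (added example, not qemu/libvirt code)."""
import base64
import fnmatch
import hashlib
import hmac

HASH_MAGIC = "|1|"  # prefix of a hashed hostname entry written by ssh-keygen -H


def _hostname_matches(pattern, hostname):
    """Match one element of the comma-separated hosts field against hostname."""
    if pattern.startswith(HASH_MAGIC):
        # Hashed entry: |1|base64(salt)|base64(HMAC-SHA1(salt, hostname))|
        try:
            _, _, salt_b64, digest_b64, _ = pattern.split("|")
        except ValueError:
            return False
        salt = base64.b64decode(salt_b64)
        digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(digest, base64.b64decode(digest_b64))
    # Plain entry; OpenSSH also allows * and ? wildcards in host patterns.
    return fnmatch.fnmatchcase(hostname, pattern)


def parse_known_hosts(text):
    """Return a list of (marker, hosts_field, keytype, keyblob) for each usable line."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        marker = None
        if fields and fields[0].startswith("@"):  # @revoked / @cert-authority
            marker, fields = fields[0], fields[1:]
        if len(fields) < 3:
            continue
        hosts_field, keytype, key_b64 = fields[0], fields[1], fields[2]
        try:
            keyblob = base64.b64decode(key_b64, validate=True)
        except ValueError:
            continue  # malformed key field: ignore the line rather than trust it
        entries.append((marker, hosts_field, keytype, keyblob))
    return entries


def check_host_key(known_hosts_text, hostname, keytype, keyblob):
    """Return 'match', 'mismatch', 'revoked' or 'unknown'.

    'mismatch' is the case a strict host_key_check must refuse: the host is
    known but presented a different key of the same type. 'unknown' is the
    first-contact case, which a strict setting must also refuse.
    """
    saw_host = False
    for marker, hosts_field, ktype, known_blob in parse_known_hosts(known_hosts_text):
        if marker == "@cert-authority":
            continue  # CA-signed host keys are assumed out of scope here
        if not any(_hostname_matches(p, hostname) for p in hosts_field.split(",")):
            continue
        if ktype != keytype:
            continue
        saw_host = True
        if hmac.compare_digest(known_blob, keyblob):
            return "revoked" if marker == "@revoked" else "match"
    return "mismatch" if saw_host else "unknown"


def fingerprint_sha256(keyblob):
    """OpenSSH-style fingerprint: SHA256:<base64 of the digest, no padding>."""
    digest = hashlib.sha256(keyblob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


# --- constructed sample data (not real host keys) ---------------------------
# ssh-ed25519 wire encoding: string "ssh-ed25519" followed by a 32-byte string.
GOOD_KEY = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00 " + bytes(range(32))
OTHER_KEY = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00 " + bytes(range(32, 64))
_SALT = b"0123456789abcdef0123"  # 20-byte salt, as ssh-keygen -H would use
_HASHED_HOST = "|1|%s|%s|" % (
    base64.b64encode(_SALT).decode(),
    base64.b64encode(hmac.new(_SALT, b"nbd.example", hashlib.sha1).digest()).decode(),
)
SAMPLE_KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts for the example",
    "storage.example,10.0.0.5 ssh-ed25519 " + base64.b64encode(GOOD_KEY).decode(),
    _HASHED_HOST + " ssh-ed25519 " + base64.b64encode(GOOD_KEY).decode(),
    "@revoked old.example ssh-ed25519 " + base64.b64encode(OTHER_KEY).decode(),
])

if __name__ == "__main__":
    for host, key in [("storage.example", GOOD_KEY), ("nbd.example", GOOD_KEY),
                      ("storage.example", OTHER_KEY), ("old.example", OTHER_KEY),
                      ("nowhere.example", GOOD_KEY)]:
        verdict = check_host_key(SAMPLE_KNOWN_HOSTS, host, "ssh-ed25519", key)
        print("%-16s %s %s" % (host, fingerprint_sha256(key), verdict))
```

Whatever the XML ends up looking like, the useful distinction for the API is between the three outcomes: a strict mode refuses both `mismatch` and `unknown`, a fingerprint mode compares `fingerprint_sha256()` against a value carried in the configuration, and `no` skips the check entirely and leaves the password or key exposed to whoever answers on the port.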