[Libvir] Re: [PATCH] add no_tty flag for ssh
On Wed, Sep 12, 2007 at 11:21:29AM +0100, Richard W.M. Jones wrote:
This patch adds an extra no_tty=1 flag to the connection URI. This
stops ssh from asking for a password if it can't log in automatically.
Typical use-case for this is in graphical programs where if ssh asks for
a password it would cause the GUI program to hang.
Example:
$ virsh -c xen+ssh://xxx/ list
rjones@xxx's password:
Permission denied, please try again.
rjones@xxx's password:
Permission denied, please try again.
rjones@xxx's password:
Permission denied (publickey,gssapi-with-mic,password).
libvir: Remote error : Connection reset by peer
error: failed to connect to the hypervisor
error: no valid connection
$ virsh -c xen+ssh://xxx/?no_tty=1 list
Permission denied (publickey,gssapi-with-mic,password).
libvir: Remote error : Connection reset by peer
error: failed to connect to the hypervisor
error: no valid connection
The use of '-o PasswordAuthentication=no' isn't sufficient because even
with pulic key / gssapi auth schemes it may prompt for passwords and/or
passphrases.
I think we need to use '-T -o BatchMode=yes', and regardless of the
no_tty flag I think it could be wise to add '-e none'.
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|