Michael March wrote:
Stefan de Konink wrote:
> Michael March wrote:
>>
>>> Michael March wrote:
>>>> .. in this setup you MUST have the ssh public key of the user the
>>>> web server runs as in the 'root' account of each server it
>>>> manages.. again, this might not be 100% kosher.. but it works.
>>>
>>> The main problem I encounter is the hostname voodoo...but that check
>>> can be disabled. I probably make an automatic hostname based on mac
>>> address, and send that via SSH to the main box.
>>>
>>> A shared certificate is probably an option too, if the hostname is
>>> ignored.
>>>
>> Hmm.. I'm not sure what you exactly mean by "hostname voodoo".... Do
>> you mean the checks the ssh client does the first time it connects to
>> an unknown server?
>
> No I mean that the certificate is not valid if the hostname doesn't
> match. (It is possible to disable that in the connection string though)
>
All I did was make sure I ssh'd as a 'real' user first.. using whatever
hostname I was using for the ssh endpoint.. if that went well (making
sure I didn't have to enter a password or ssh key pass-phrase) I was
pretty certain the libvirt connection would work.
However.. other messages on this thread are recommending against the ssh
method.. I'm going to try the recommended Digest-MD5 method now too.

I'm using the tls connection not ssh.
Stefan