[libvirt] Decent How-To now on the wiki for setting up Transport Layer Security
Hi all, For anyone that's interested in setting up TLS with libvirt, but hasn't gotten around to it yet, there's a decent guide on the wiki now: http://wiki.libvirt.org/page/TLSSetup It's user focused (ie SysAdmin's), and has lots of pics explaining concepts, plus shows what needs to be done, and shows how to do it. Please note, it doesn't cover SASL, it's just plain host based TLS. Very much open to feedback on it, if people have suggestions for improvement. Hope that helps. :) Regards and best wishes, Justin Clift
Hi Justin, it's very nice! Good work. I like those pictures :) Thank you, for this. Greetings, Jaromír Červenka Official openSUSE community member Web: http://www.cervajz.com/ Jabber: cervajz@cervajz.com MSN: jara.cervenka@seznam.cz Tel.: +420 607 592 687 Alt. e-mails: jaromir.cervenka@opensuse.org, jaromir.cervenka@speel.cz 2010/8/30 Justin Clift <jclift@redhat.com>
Hi all,
For anyone that's interested in setting up TLS with libvirt, but hasn't gotten around to it yet, there's a decent guide on the wiki now:
http://wiki.libvirt.org/page/TLSSetup
It's user focused (ie SysAdmin's), and has lots of pics explaining concepts, plus shows what needs to be done, and shows how to do it.
Please note, it doesn't cover SASL, it's just plain host based TLS.
Very much open to feedback on it, if people have suggestions for improvement.
Hope that helps. :)
Regards and best wishes,
Justin Clift
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On 08/30/2010 08:58 PM, Jaromír Červenka wrote:
Hi Justin,
it's very nice! Good work. I like those pictures :) Thank you, for this.
Hi Jaromír, You are completely welcome. :) If there are parts of it that need adjusting for openSUSE, please feel welcome to update it directly, or let me know so I can. :) Something I've missed is information on configuring the firewall ports to allow incoming TLS connections for libvirt. (tcp 16514 inbound) That'll be fixed tomorrow (for Fedora/RHEL). Would you be interested in adding the openSUSE bits for it? Regards and best wishes, Justin Clift
Greetings,
Jaromír Červenka Official openSUSE community member Web: http://www.cervajz.com/ Jabber: cervajz@cervajz.com MSN: jara.cervenka@seznam.cz Tel.: +420 607 592 687 Alt. e-mails: jaromir.cervenka@opensuse.org, jaromir.cervenka@speel.cz
On Mon, Aug 30, 2010 at 08:46:43PM +1000, Justin Clift wrote:
Hi all,
For anyone that's interested in setting up TLS with libvirt, but hasn't gotten around to it yet, there's a decent guide on the wiki now:
http://wiki.libvirt.org/page/TLSSetup
It's user focused (ie SysAdmin's), and has lots of pics explaining concepts, plus shows what needs to be done, and shows how to do it.
Please note, it doesn't cover SASL, it's just plain host based TLS.
Very much open to feedback on it, if people have suggestions for improvement.
Hope that helps. :)
Very nice :-) Thanks ! Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/
participants (3)
-
Daniel Veillard -
Jaromír Červenka -
Justin Clift