[libvirt] Fwd: libvirt secret support password or encryption keys?
FWD Hi, all PLS help, i'm reviewing man doc of libvirt secrets # man virsh ... SECRET COMMMANDS The following commands manipulate "secrets" (e.g. passwords, passphrases -----> secret-set-value only support base64 "passphrases" and encryption keys). Libvirt can store secrets independently from their use, and other objects (e.g. volumes or domains) can refer to the secrets for encryption or possibly other uses. Secrets are identified using an UUID. See <http://libvirt.org/formatsecret.html> for documentation of the XML format used to represent properties of secrets. ... So, I want to know that if libvirt support other 2 kinds of "secrets". And if so, How to use password and encrytion keys ? If libvirt not support that, i will file a bug of this man doc. BR zhpeng ----- Forwarded Message ----- From: "Zhimou Peng" <zhpeng@redhat.com> To: "Daniel Berrange" <berrange@redhat.com> Sent: Thursday, June 14, 2012 1:38:09 PM Subject: Fwd: libvirt secret support password or encryption keys? Hi, Daniel I saw your blog:http://berrange.com/posts/2009/12/02/using-qcow2-disk-encryption-with-libvir... and there is only "type=passphrases", so how can i use password or encrytion keys? zhpeng BR ----- Forwarded Message ----- From: "Zhimou Peng" <zhpeng@redhat.com> To: "Daniel Berrange" <berrange@redhat.com> Cc: "s3-bug-review" <s3-bug-review@redhat.com> Sent: Tuesday, June 12, 2012 2:03:05 PM Subject: libvirt secret support password or encryption keys? Hi all, # man virsh ... SECRET COMMMANDS The following commands manipulate "secrets" (e.g. passwords, passphrases -----> secret-set-value only support base64 "passphrases" and encryption keys). Libvirt can store secrets independently from their use, and other objects (e.g. volumes or domains) can refer to the secrets for encryption or possibly other uses. Secrets are identified using an UUID. See <http://libvirt.org/formatsecret.html> for documentation of the XML format used to represent properties of secrets. ... So, I want to know that if libvirt support other 2 kinds of "secrets". And if so, How to use password and encrytion keys ? If libvirt not support that, i will file a bug of this man doc. zhpeng BR
On 06/19/2012 03:38 AM, Zhimou Peng wrote:
FWD
Hi, all PLS help, i'm reviewing man doc of libvirt secrets
# man virsh ... SECRET COMMMANDS The following commands manipulate "secrets" (e.g. passwords, passphrases -----> secret-set-value only support base64 "passphrases"
secret-set-value supports _all_ types of secrets, since a secret is _any_ base64-encoded text. Whether you use that secret information as a password, a passphrase, and encryption key, or something else is up to how you have connected that secret to the rest of your virtual machine management.
and encryption keys). Libvirt can store secrets independently from their use, and other objects (e.g. volumes or domains) can refer to the secrets for encryption or possibly other uses. Secrets are identified using an UUID. See <http://libvirt.org/formatsecret.html> for documentation of the XML format used to represent properties of secrets. ...
So, I want to know that if libvirt support other 2 kinds of "secrets". And if so, How to use password and encrytion keys ? If libvirt not support that, i will file a bug of this man doc.
I'm not sure where you are getting confused; would it help if the man page for 'secret-set-value' used the term 'secret' instead of 'passphrase', since 'secret' is the generic term for any base64-encoded data that must be kept secret? You are welcome to submit a patch yourself; the man page source is in tools/virsh.pod. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Hi Eric, I'm not understand this before. Thanks! zhpeng BR ----- Original Message ----- From: "Eric Blake" <eblake@redhat.com> To: "Zhimou Peng" <zhpeng@redhat.com> Cc: libvir-list@redhat.com, "s3-bug-review" <s3-bug-review@redhat.com> Sent: Wednesday, June 20, 2012 6:22:08 AM Subject: Re: [libvirt] Fwd: libvirt secret support password or encryption keys? On 06/19/2012 03:38 AM, Zhimou Peng wrote:
FWD
Hi, all PLS help, i'm reviewing man doc of libvirt secrets
# man virsh ... SECRET COMMMANDS The following commands manipulate "secrets" (e.g. passwords, passphrases -----> secret-set-value only support base64 "passphrases"
secret-set-value supports _all_ types of secrets, since a secret is _any_ base64-encoded text. Whether you use that secret information as a password, a passphrase, and encryption key, or something else is up to how you have connected that secret to the rest of your virtual machine management.
and encryption keys). Libvirt can store secrets independently from their use, and other objects (e.g. volumes or domains) can refer to the secrets for encryption or possibly other uses. Secrets are identified using an UUID. See <http://libvirt.org/formatsecret.html> for documentation of the XML format used to represent properties of secrets. ...
So, I want to know that if libvirt support other 2 kinds of "secrets". And if so, How to use password and encrytion keys ? If libvirt not support that, i will file a bug of this man doc.
I'm not sure where you are getting confused; would it help if the man page for 'secret-set-value' used the term 'secret' instead of 'passphrase', since 'secret' is the generic term for any base64-encoded data that must be kept secret? You are welcome to submit a patch yourself; the man page source is in tools/virsh.pod. -- Eric Blake eblake@redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
participants (2)
-
Eric Blake -
Zhimou Peng