2010/3/3 Marco Mornati <mmornati(a)byte-code.com>:
> Ah, the authentication callback is used for hypervisor level
> authentication. You cannot provide credentials for SSH transport level
> authentication through the libvirt API. You'll need to setup the SSL
> certificates properly to enable automatic SSH login if you don't want
> to be prompted for the SSH credentials.
>
> Matthias
Ohh... ok... it's not really what I want (because I could have many
different machines to configure).
Reading to libvirt sources (the c file) it seams that auth callbacks
should be used also for the ssh code (inside openSSHSession method):
virConnectCredential creds[] = {
{VIR_CRED_PASSPHRASE, "password", "Password", NULL, NULL,
0},
};
if (!auth || !auth->cb) {
PHYP_ERROR(conn, VIR_ERR_AUTH_FAILED,
"%s", _("No authentication callback
provided."));
goto disconnect;
}
maybe in some way it's possible to use ssh too with auth (I don't know
but I want to try).
Anyway, Matt, if I expose libvirt over tcp can I use it directly with
provided callbacks?
Thanks a lot
Bye
Marco
Don't mixup the internal of the IBM Power Hypervisor (phyp) driver and
the libvirt remote transport mechanisms. The phyp driver uses libssh2
internally and relies on the auth callback to let the user provide
credentials. This in not in any way related to the libvirt remote
transport mechanisms.
As I said before, the auth callback you can pass to virConnectOpenAuth
is not used for the libvirt SSH remote transport authentication. The
same it true for the TCP transport, it uses SASL for authentication by
default.
Matthias