Re: [libvirt-users] First & long question
On 16/12/13 17:41, Eric Blake wrote:
On 12/16/2013 08:53 AM, Joaquim Barrera wrote:
[please don't top-post on technical lists]
Sorry about that.
> Excuse me for the duplicate anwer but I observed exactly what I
was
> telling you. I execute "sudo ./run tools/virsh" and then:
If you are running virsh as sudo, then you must remember that virsh is
running under root, not you.
> 'connect qemu+ssh://user@IP_ADDRESS:PORT/system' and it asks me the
> password. Everything goes right.
Yes, for a single connection, remote password authentication over
qemu+ssh works.
> 'migrate --verbose --persistent --copy-storage-inc VM1
> qemu+ssh://user@IP_ADDRESS:PORT/system' and it asks me the password, but
> never gets it right. I allways get to the third attempt and get rejected.
That's because the qemu+ssh URI has an inherent design limitation that
it can only validate a single connection, but migration requires two
connections. You can try qemu+libssh:// URIs instead, which is supposed
to resolve the authentication issues by using libssh within virsh
instead of an external call to ssh(1) (although I haven't tried it
myself). Or you can set up passwordless login over ssh (such as by
using ssh-copy-id) - but remember that you must set it up so that root
can access user@IP_ADDRESS:PORT (since 'sudo virsh' is running as root,
not you).
All right, I tried qemu+libssh2 but got more problems. Finally I went
for passwordless login and at some point I'll try to handle it again.
My main issue here was actually the reason why it works using standard
virsh 1.1.1 but it does not with custom compiled 1.2.0, but I guess it's
a matter of compiling options or some parameter I missed.
Thanks again!