schema: add ssh-agent configuration for ssh disks

Add the ability to specify a path to an ssh-agent socket in order to use
the ssh-agent to authenticate to remote ssh disks. Example
configuration:

    <disk type='network'>
        <source protocol='ssh' ...>
            <identity username='myusername' agentsock='/path/to/socket'/>
            ...
        </source>
        ...
    </disk>

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Jonathon Jongsma 2023-07-14 15:14:25 -05:00
parent 68599168ea
commit 1195403c43
2 changed files with 16 additions and 8 deletions

@ -3022,11 +3022,14 @@ paravirtualized driver is specified via the ``disk`` element.
are intended to be default, then the entire element may be omitted. are intended to be default, then the entire element may be omitted.
When using an ``ssh`` protocol, this element is used to enable When using an ``ssh`` protocol, this element is used to enable
authentication via ssh keys. In this configuration, the element has two authentication via ssh keys. In this configuration, the element has three
attributes. The ``username`` attribute specifies the name of the user on possible attributes. The ``username`` attribute is required and specifies
the remote server and the ``keyfile`` attribute specifies the path to the the name of the user on the remote server. ssh keys can be specified in
keyfile. Note that this only works for ssh keys that are not one of two ways. The first way is by adding them to an ssh-agent and
password-protected. providing the path to the ssh-agent socket in the ``agentsock``
attribute. This method works for ssh keys with or without password
protection. Alternatively, for ssh keys without a password, the ssh key
can be specified directly by setting the ``keyfile`` attribute.
``reconnect`` ``reconnect``
For disk type ``vhostuser`` configures reconnect timeout if the connection For disk type ``vhostuser`` configures reconnect timeout if the connection
is lost. This is set with the two mandatory attributes ``enabled`` and is lost. This is set with the two mandatory attributes ``enabled`` and
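
Review bot: the rewritten ``identity`` paragraph says ssh keys can be specified "in one of two ways" but never states that ``agentsock`` and ``keyfile`` cannot be combined, which is what the `<choice>` in the schema hunk of this commit enforces. Suggest adding a sentence saying that exactly one of the two attributes must be given, and capitalising or rewording the sentence that begins "ssh keys can be specified". The paragraph also does not say from which version ``agentsock`` is available; a since-note would help readers on older releases.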

@ -2187,9 +2187,14 @@
<attribute name="username"> <attribute name="username">
<ref name="genericName"/> <ref name="genericName"/>
</attribute> </attribute>
<attribute name="keyfile"> <choice>
<ref name="absFilePath"/> <attribute name="keyfile">
</attribute> <ref name="absFilePath"/>
</attribute>
<attribute name="agentsock">
<ref name="absFilePath"/>
</attribute>
</choice>
</interleave> </interleave>
</element> </element>
</define> </define>
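
Review bot: the `<choice>` around `keyfile` and `agentsock` makes the two attributes mutually exclusive and requires one of them, yet the commit lists only 2 changed files (the documentation and this schema), so nothing visible here exercises the new attribute. Suggest adding a test XML case that uses `agentsock`, or pointing to the patch in the series that adds one, and confirming that the parser rejects an `<identity>` carrying both attributes so that schema and parser agree.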