mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-07-06 18:05:45 +00:00
3310b12d52
It's not possible to use password-protected ssh keys directly with libvirt because libvirt doesn't have any way to prompt a user for the password. To accomodate password-protected key files, an administrator can add these keys to an ssh agent and then configure the domain with the path to the ssh-agent socket. Note that this requires an administrator or management app to configure the ssh-agent with an appropriate socket path and add the necessary keys to it. In addition, it does not currently work with selinux enabled. The ssh-agent socket would need a label that libvirt would be allowed to access rather than unconfined_t. Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
10 lines
217 B
Plaintext
10 lines
217 B
Plaintext
SSH_AUTH_SOCK=/path/to/agent/socket \
|
|
nbdkit \
|
|
--unix /tmp/statedir-0/nbdkit-test-disk-0.socket \
|
|
--foreground ssh \
|
|
host=example.org \
|
|
port=2222 \
|
|
path=test1.img \
|
|
user=myuser \
|
|
known-hosts=/path/to/ssh_known_hosts1
|