libvirt/tests/qemunbdkitdata/disk-network-ssh-key.args.disk1
Jonathon Jongsma 3310b12d52 qemu: implement ssh-agent auth for ssh disks with nbdkit
It's not possible to use password-protected ssh keys directly with
libvirt because libvirt doesn't have any way to prompt a user for the
password. To accomodate password-protected key files, an administrator
can add these keys to an ssh agent and then configure the domain with
the path to the ssh-agent socket.

Note that this requires an administrator or management app to
configure the ssh-agent with an appropriate socket path and add the
necessary keys to it. In addition, it does not currently work with
selinux enabled. The ssh-agent socket would need a label that libvirt
would be allowed to access rather than unconfined_t.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-09-19 14:28:50 -05:00

10 lines
207 B
Plaintext

nbdkit \
--unix /tmp/statedir-1/nbdkit-test-disk-1.socket \
--foreground ssh \
host=example.org \
port=2222 \
path=test2.img \
identity=/path/to/id_rsa \
user=myuser2 \
known-hosts=/path/to/ssh_known_hosts2