mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-25 10:03:49 +03:00

schema: add keyfile configuration for ssh disks

Authenticating via key file to an ssh server is often preferable to
logging in via password. In order to support this functionality add a
new <identity> xml element for ssh disks that allows the user to specify
a keyfile and username. Example configuration:

    <disk type='network'>
      <source protocol='ssh' ...>
        <identity keyfile='/path/to/id_rsa' username='myusername'/>
        ...
      </source>
    ...
    </disk>

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Jonathon Jongsma 2023-01-19 15:52:20 -06:00
parent 21b377a31b
commit 1e2fa6d524
2 changed files with 25 additions and 1 deletions


@ -3020,6 +3020,13 @@ paravirtualized driver is specified via the ``disk`` element.
of these attributes is omitted, then that field is assumed to be the of these attributes is omitted, then that field is assumed to be the
default value for the current system. If both ``user`` and ``group`` default value for the current system. If both ``user`` and ``group``
are intended to be default, then the entire element may be omitted. are intended to be default, then the entire element may be omitted.
When using an ``ssh`` protocol, this element is used to enable
authentication via ssh keys. In this configuration, the element has two
attributes. The ``username`` attribute specifies the name of the user on
the remote server and the ``keyfile`` attribute specifies the path to the
keyfile. Note that this only works for ssh keys that are not
password-protected.
``reconnect`` ``reconnect``
For disk type ``vhostuser`` configures reconnect timeout if the connection For disk type ``vhostuser`` configures reconnect timeout if the connection
is lost. This is set with the two mandatory attributes ``enabled`` and is lost. This is set with the two mandatory attributes ``enabled`` and
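
Review bot: the added paragraph describes ``keyfile`` only as "the path to the keyfile", but the schema in this same commit types the attribute as absFilePath, so a relative path will not validate; say "absolute path" here. Because the text also states that only keys without a passphrase work, add a sentence saying which process must be able to read the file and that it should not be readable by other users, since the file on disk is then the whole credential for the remote image. It would also help to say explicitly that in the ssh case the element takes ``username`` and ``keyfile`` instead of the ``user`` and ``group`` attributes described just above, and that it cannot be combined with an ``<auth>`` element (the schema puts the two in a ``<choice>``).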


@ -2181,6 +2181,19 @@
</element> </element>
</define> </define>
<define name="diskSourceNetworkProtocolSSHKeyDef">
<element name="identity">
<interleave>
<attribute name="username">
<ref name="genericName"/>
</attribute>
<attribute name="keyfile">
<ref name="absFilePath"/>
</attribute>
</interleave>
</element>
</define>
<define name="diskSourceNetworkProtocolSSH"> <define name="diskSourceNetworkProtocolSSH">
<element name="source"> <element name="source">
<interleave> <interleave>
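
Review bot: in the new diskSourceNetworkProtocolSSHKeyDef define, neither ``username`` nor ``keyfile`` is wrapped in ``<optional>``, so both are mandatory, yet the documentation hunk only says the element "has two attributes". Either state in the docs that both are required, or mark ``username`` optional here if omitting it is meant to be allowed. As a style point, the ``<interleave>`` around the two ``<attribute>`` patterns is redundant, since RELAX NG attributes are unordered anyway. The name also differs in form from its neighbour diskSourceNetworkProtocolSSHHostVerify; dropping the "Def" suffix would keep the defines consistent.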
@ -2200,11 +2213,15 @@
<ref name="diskSourceNetworkProtocolSSHHostVerify"/> <ref name="diskSourceNetworkProtocolSSHHostVerify"/>
</optional> </optional>
<optional> <optional>
<ref name="diskAuth"/> <choice>
<ref name="diskSourceNetworkProtocolSSHKeyDef"/>
<ref name="diskAuth"/>
</choice>
</optional> </optional>
</interleave> </interleave>
</element> </element>
</define> </define>
<define name="diskSourceNetworkProtocolSimple"> <define name="diskSourceNetworkProtocolSimple">
<element name="source"> <element name="source">
<interleave> <interleave>
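
Review bot: replacing the single ``<ref name="diskAuth"/>`` with a ``<choice>`` makes key-file and ``<auth>`` authentication mutually exclusive for ssh sources, but neither the commit message nor the documentation hunk mentions that restriction. Document it, and make sure the XML parser rejects a source carrying both, because schema validation is not always run. The commit touches only two files (the documentation and this schema), so no example domain XML exercises the new ``<identity keyfile=... username=.../>`` form; add one so the schema change is covered by the test suite.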