mirror of https://gitee.com/openkylin/libvirt.git
schema: add ssh-agent configuration for ssh disks
Add the ability to specify a path to a ssh-agent socket in order to use the ssh-agent to authenticate to remote ssh disks. Example configuration:

    <disk type='network'>
      <source protocol='ssh' ...>
        <identity username='myusername' agentsock='/path/to/socket'/>
        ...
      </source>
      ...
    </disk>

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
parent
68599168ea
commit
1195403c43
|
@ -3022,11 +3022,14 @@ paravirtualized driver is specified via the ``disk`` element.
|
||||||
are intended to be default, then the entire element may be omitted.
|
are intended to be default, then the entire element may be omitted.
|
||||||
|
|
||||||
When using an ``ssh`` protocol, this element is used to enable
|
When using an ``ssh`` protocol, this element is used to enable
|
||||||
authentication via ssh keys. In this configuration, the element has two
|
authentication via ssh keys. In this configuration, the element has three
|
||||||
attributes. The ``username`` attribute specifies the name of the user on
|
possible attributes. The ``username`` attribute is required and specifies
|
||||||
the remote server and the ``keyfile`` attribute specifies the path to the
|
the name of the user on the remote server. ssh keys can be specified in
|
||||||
keyfile. Note that this only works for ssh keys that are not
|
one of two ways. The first way is by adding them to an ssh-agent and
|
||||||
password-protected.
|
providing the path to the ssh-agent socket in the ``agentsock``
|
||||||
|
attribute. This method works for ssh keys with or without password
|
||||||
|
protection. Alternatively, for ssh keys without a password, the ssh key
|
||||||
|
can be specified directly by setting the ``keyfile`` attribute.
|
||||||
``reconnect``
|
``reconnect``
|
||||||
For disk type ``vhostuser`` configures reconnect timeout if the connection
|
For disk type ``vhostuser`` configures reconnect timeout if the connection
|
||||||
is lost. This is set with the two mandatory attributes ``enabled`` and
|
is lost. This is set with the two mandatory attributes ``enabled`` and
|
||||||
|
|
|
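Review bot: the rewritten identity paragraph says ssh keys can be specified "in one of two ways" but never states what happens when both agentsock and keyfile are given, or when neither is. The schema change in this same patch puts the two attributes in a choice, so they are mutually exclusive and one of them is required; the documentation should say so explicitly, for example "Exactly one of agentsock or keyfile must be set." The paragraph also carries no note of the release in which agentsock became available, which readers on older versions will need.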
@ -2187,9 +2187,14 @@
|
||||||
<attribute name="username">
|
<attribute name="username">
|
||||||
<ref name="genericName"/>
|
<ref name="genericName"/>
|
||||||
</attribute>
|
</attribute>
|
||||||
<attribute name="keyfile">
|
<choice>
|
||||||
<ref name="absFilePath"/>
|
<attribute name="keyfile">
|
||||||
</attribute>
|
<ref name="absFilePath"/>
|
||||||
|
</attribute>
|
||||||
|
<attribute name="agentsock">
|
||||||
|
<ref name="absFilePath"/>
|
||||||
|
</attribute>
|
||||||
|
</choice>
|
||||||
</interleave>
|
</interleave>
|
||||||
</element>
|
</element>
|
||||||
</define>
|
</define>
|
||||||
|
|
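Review bot: the new choice around keyfile and agentsock makes the two attributes mutually exclusive and requires exactly one of them, but nothing visible in this patch shows the XML parser enforcing the same rule. If the parser accepts both attributes together, or neither, schema validation and parsing will disagree, so the same check should exist in the parser, ideally with a test XML that uses agentsock. Also, absFilePath only constrains the value to an absolute path; the documentation hunk should say which process has to be able to reach that socket.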