qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v4] block: Add support for Secure Shell (ssh) bl


From: Richard W.M. Jones
Subject: Re: [Qemu-devel] [PATCH v4] block: Add support for Secure Shell (ssh) block device.
Date: Wed, 3 Apr 2013 23:14:30 +0100
User-agent: Mutt/1.5.20 (2009-12-10)

On Thu, Mar 28, 2013 at 11:47:32AM +0100, Stefan Hajnoczi wrote:
> On Wed, Mar 27, 2013 at 03:57:29PM +0000, Richard W.M. Jones wrote:
[...]

Thanks for reviewing this patch.  I will post an updated v5 on this
list soon, but I also have some comments (below).

> Please run qemu-iotests, see tests/qemu-iotests/check.  For example,
> with NBD:
> 
>   $ cd tests/qemu-iotests
>   $ QEMU_PROG=$HOME/qemu/x86_64-softmmu/qemu-system-x86_64 
> PATH=$HOME/qemu:$PATH \
>     ./check -nbd
> 
> A patch will be required to add -ssh support to ./check.

I have added this in the updated patch.

A question: Are the -qcow2 tests meant to pass?  Many don't pass for
my ssh driver (ie. './check -ssh -qcow2').  I tried using the nbd
driver (ie. './check -nbd -qcow2') and a large number of those fail as
well.  To take an example, test 013 fails because it tries to run the
'mv' command on the nbd: URL (or the ssh: URL when running the test on
my block driver).  It looks like this and other qcow2 tests are a bit
broken on anything other than plain files.

[...]

> Does ssh(1) even use getpwuid(geteuid()) or does it check .ssh/config
> and then getenv("USER")?  Perhaps we can just getenv("USER")?

ssh uses getpwuid too.

The updated patch adds some thread-safe code to osdep.c, but still
doesn't work on Windows.

> > +    home = getenv("HOME");
> > +    if (home) {
> > +        knh_file = g_strdup_printf("%s/.ssh/known_hosts", home);
> > +    } else {
> > +        knh_file = g_strdup_printf("/root/.ssh/known_hosts");
> > +    }
> 
> Windows support?

I have no idea what Windows does for this, so I punted on the problem.

> > +        case LIBSSH2_KNOWNHOST_CHECK_MISMATCH:
> > +            ret = -EINVAL;
> > +            session_error_report(s, "host key does not match the one in 
> > known_hosts (found key %s)",
> > +                                 found->key);
> 
> Does the user know the offending known_hosts line?  ssh(1) normally says
> something like "Mismatch with line ~/.ssh/known_hosts:35" so you know
> which hostkey to drop if you wish to proceed.

Unfortunately it doesn't appear that libssh2 keeps the original line
number around.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v



reply via email to

[Prev in Thread] Current Thread [Next in Thread]