Re: [Qemu-devel] [PULL v4 00/38] Test and build patches

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PULL v4 00/38] Test and build patches

From:	Peter Maydell
Subject:	Re: [Qemu-devel] [PULL v4 00/38] Test and build patches
Date:	Fri, 15 Sep 2017 13:03:54 +0100

On 15 September 2017 at 12:40, Daniel P. Berrange <address@hidden> wrote:
> IIUC, the public part of the key gets exposed to the guest images via
> cloud-init metadata. During boot the guest read this metadata and add
> the public key to authorized_keys. The private key is used by the test
> suite on the host so that it can now login to the guests.
>
> So the risk here is that if these guests were exposed to the LAN in any
> way, someone could grab our private key and login to these guests.
>
> What saves us is that the VMs are run with user mode slirp networking
> so AFAICT, aren't exposed to the LAN.

If I'm reading the right bit of the script we run QEMU with a
hostfwd specification using 0.0.0.0 as the host part -- doesn't
that listen on all interfaces including the LAN ones?

thanks
-- PMM

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PULL v4 12/38] tests: Add vm test lib, (continued)
- [Qemu-devel] [PULL v4 12/38] tests: Add vm test lib, Fam Zheng, 2017/09/15
- [Qemu-devel] [PULL v4 16/38] tests: Add OpenBSD image, Fam Zheng, 2017/09/15
- [Qemu-devel] [PULL v4 18/38] MAINTAINERS: Add tests/vm entry, Fam Zheng, 2017/09/15
- [Qemu-devel] [PULL v4 13/38] tests: Add ubuntu.i386 image, Fam Zheng, 2017/09/15
- [Qemu-devel] [PULL v4 19/38] tests: Add README for vm tests, Fam Zheng, 2017/09/15
- [Qemu-devel] [PULL v4 15/38] tests: Add NetBSD image, Fam Zheng, 2017/09/15
- [Qemu-devel] [PULL v4 20/38] docker: Use archive-source.py, Fam Zheng, 2017/09/15
- Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Peter Maydell, 2017/09/15
  - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Fam Zheng, 2017/09/15
  - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Daniel P. Berrange, 2017/09/15
    - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Peter Maydell <=
    - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Daniel P. Berrange, 2017/09/15
    - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Fam Zheng, 2017/09/15
    - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Daniel P. Berrange, 2017/09/15
    - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Fam Zheng, 2017/09/15
    - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Philippe Mathieu-Daudé, 2017/09/15
    - Re: [Qemu-devel] [PULL v4 00/38] Test and build patches, Fam Zheng, 2017/09/15

Prev by Date: Re: [Qemu-devel] [PATCH RFC 1/1] s390x/ccw: create s390 phb for compat reasons as well
Next by Date: Re: [Qemu-devel] [RFC 00/15] QMP: out-of-band (OOB) execution support
Previous by thread: Re: [Qemu-devel] [PULL v4 00/38] Test and build patches
Next by thread: Re: [Qemu-devel] [PULL v4 00/38] Test and build patches
Index(es):
- Date
- Thread