[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: guest agent public ssh key add/remove support?
|
From: |
Christian Schoenebeck |
|
Subject: |
Re: guest agent public ssh key add/remove support? |
|
Date: |
Wed, 19 Aug 2020 16:17:30 +0200 |
On Mittwoch, 19. August 2020 15:49:50 CEST David Vossel wrote:
> > There are two pass-through file systems in QEMU: 9pfs and virtiofs. Don't
> > you
> > think they would be sufficient for the use case?
>
> probably not entirely.
>
> Understand this isn't an either/or scenario. Our api has been designed to
> support multiple "propagation" methods for the ssh keys. We've converged on
> the qemu guest agent for some other features and the agent appears to have
> the potential to provide us the greatest flexibility when it comes to how
> we want this pub ssh key use case to work. This isn't to say something
> like virtiofs won't make sense either in certain scenarios, but for the
> purposes of this discussion we're hoping to explore how the qemu guest
> agent could be used.
>
> I don't want to go too deep into the shared filesystem approach. I'll
> provide some context on the challenges there though.
Expected response, but I could not resist. ;-)
> - virtiofs requires guest kernel >= 5.4. We aren't considering 9p due to
> security/performance concerns.
Hey, there had been no security issue for quite a while with 9pfs. :)
And I am working on the performance issues actually.
Best regards,
Christian Schoenebeck