[libvirt] connect: ssh: Shall we remove the dependency of netcat ?

zhang bo oscar.zhangbo at huawei.com
Fri Mar 27 02:54:26 UTC 2015


1 When we connect libvirt with URI "qemu+ssh", it uses 'nc' command to connect to libvirt-sock.

# virsh -c qemu+ssh://root@9.61.1.74/system list
Password: //ask users to input passwords here.
 Id    Name                           State
----------------------------------------------------
 11    pxe                            running

It in fact uses 'ssh' and 'nc' commands to connect to remote libvirt-sock, such as:
    ssh -l root 9.61.1.74 sh -c ''nc' -U /var/run/libvirt/libvirt-sock'

The code path is : virConnectOpen->doRemoteOpen->virNetClientNewSSH->virNetSocketNewConnectSSH

2 However, netcat(nc) is considered as an insecure tool, because it's too powerful in controlling the network.
  It's abandoned by some organizations.

3 So, is there any good substitution for netcat to realize qemu+ssh?




More information about the libvir-list mailing list