[PATCH v2 1/6] Introduce OpenSSH authorized key file mgmt APIs
Peter Krempa
pkrempa at redhat.com
Mon Nov 16 14:43:09 UTC 2020
On Mon, Nov 16, 2020 at 13:20:58 +0100, Michal Privoznik wrote:
> When setting up a new guest or when a management software wants
> to allow access to an existing guest the
> virDomainSetUserPassword() API can be used, but that might be not
> good enough if user want to ssh into the guest. Not only sshd has
> to be configured to accept password authentication (which is
> usually not the case for root), user have to type in their
> password. Using SSH keys is more convenient. Therefore, two new
> APIs are introduced:
>
> virDomainAuthorizedSSHKeysGet() which lists authorized keys for
> given user, and
>
> virDomainAuthorizedSSHKeysSet() which modifies the authorized
> keys file for given user (append, set or remove keys from the
> file).
>
> It's worth nothing that while authorized_keys file entries have
> some structure (as defined by sshd(8)), expressing that structure
> goes beyond libvirt's focus and thus "keys" are nothing but an
> opaque string to libvirt.
>
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
> include/libvirt/libvirt-domain.h | 17 ++++
> src/driver-hypervisor.h | 15 ++++
> src/libvirt-domain.c | 133 +++++++++++++++++++++++++++++++
> src/libvirt_public.syms | 6 ++
> 4 files changed, 171 insertions(+)
Reviewed-by: Peter Krempa <pkrempa at redhat.com>
More information about the libvir-list
mailing list