[PATCH v3 3/6] virsh: Expose OpenSSH authorized key file mgmt APIs
Peter Krempa
pkrempa at redhat.com
Wed Nov 18 14:29:29 UTC 2020
On Wed, Nov 18, 2020 at 14:34:21 +0100, Michal Privoznik wrote:
> The new virsh commands are:
>
> get-user-sshkeys
> set-user-sshkeys
>
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
> docs/manpages/virsh.rst | 38 ++++++++++
> tools/virsh-domain.c | 164 ++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 202 insertions(+)
>
> diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
> index bfd26e3120..543f62d429 100644
> --- a/docs/manpages/virsh.rst
> +++ b/docs/manpages/virsh.rst
[...]
> @@ -4004,6 +4019,29 @@ For QEMU/KVM, this requires the guest agent to be configured
> and running.
>
>
> +set-user-sshkeys
> +----------------
> +
> +**Syntax:**
> +
> +::
> +
> + set-user-sshkeys domain user [--file FILE] [{--reset | --remove}]
> +
> +Append keys read from *FILE* into *user*'sSSH authorized keys file in the guest
s/sS/s S/
> +*domain*. In the *FILE* keys must be on separate lines and each line must
> +follow authorized keys format as defined by *sshd(8)*.
> +
> +If *--reset* is specified, then the guest authorized keys file content is
> +removed before appending new keys. As a special case, if *--reset* is provided
> +and no *FILE* was provided then no new keys are added and the authorized keys
> +file is cleared out.
> +
> +If *--remove* is specified, then instead of adding any new keys then keys read
> +from *FILE* are removed from the authorized keys file. It is not considered an
> +error if the key does not exist in the file.
Reviewed-by: Peter Krempa <pkrempa at redhat.com>
More information about the libvir-list
mailing list