[libvirt-users] Virsh+QEMU, SSH issue on compiled libvirt

Shantan Marepally (shanredd) shanredd at cisco.com
Wed Mar 6 00:17:50 UTC 2013 

Hi Dennis,

Thanks for the response. I tried two options: Disabling TLS and recompiling libvirt with TLS enabled. Both scenarios result in the same error.

All,

Another thing I did not mention in the previous post: I am only using the client (virsh) from the compiled set of tools. Libvirtd used on the server is from the standard prebuilt RPMS, would that make any difference, Any other ideas, suggestions?

Thanks,
Shantan

From: Will Dennis <wdennis at nec-labs.com<mailto:wdennis at nec-labs.com>>
Date: Tuesday, March 5, 2013 2:06 PM
To: Cisco Employee <shanredd at cisco.com<mailto:shanredd at cisco.com>>, "libvirt-users at redhat.com<mailto:libvirt-users at redhat.com>" <libvirt-users at redhat.com<mailto:libvirt-users at redhat.com>>
Subject: Re: [libvirt-users] Virsh+QEMU, SSH issue on compiled libvirt

Hi Shantan,

I believe the problem may be that libvirt 1.x requires TLS by default on connections. I saw that same problem the 1st time I replaces a running libvirt 0.9.x with 1.0.0. I believe there may be a way to turn off this requirement in libvirtd.conf, e.g.

#
# Network connectivity controls
#

# Flag listening for secure TLS connections on the public TCP/IP port.
# NB, must pass the --listen flag to the libvirtd process for this to
# have any effect.
#
# It is necessary to setup a CA and issue server certificates before
# using this capability.
#
# This is enabled by default, uncomment this to disable it
#listen_tls = 0

# Listen for unencrypted TCP connections on the public TCP/IP port.
# NB, must pass the --listen flag to the libvirtd process for this to
# have any effect.
#
# Using the TCP socket requires SASL authentication by default. Only
# SASL mechanisms which support data encryption are allowed. This is
# DIGEST_MD5 and GSSAPI (Kerberos5)
#
# This is disabled by default, uncomment this to enable it.
#listen_tcp = 1 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

On the two instances of libvirt 1.x I have deployed, I just configure and use TLS. Instructions on doing this may be found here:
http://wiki.libvirt.org/page/TLSSetup

HTH,
Will

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20130306/a8c086f0/attachment.htm>

More information about the libvirt-users mailing list