[libvirt-users] xen+ssh with openauth

Shahar Havivi shaharh at redhat.com
Wed Nov 11 11:02:34 UTC 2015 

On 03.11.15 15:37, Daniel P. Berrange wrote:
> On Tue, Nov 03, 2015 at 10:14:00AM +0200, Shahar Havivi wrote:
> > Hi,
> > 
> > I am trying to connect to remote libvirt via script,
> > and I get password prompt from the shell.
> > 
> > 
> > ============================================================================
> > uri='xen+ssh://root@myserver/?no_verify=1'
> > def req(credentials, user_data):
> >     print('in req...\n')
> >     for cred in credentials:
> >         if cred[0] == libvirt.VIR_CRED_AUTHNAME:
> >             cred[4] = username
> >         elif cred[0] == libvirt.VIR_CRED_PASSPHRASE:
> >             cred[4] = passwd
> >     return 0
> > 
> > auth = [[libvirt.VIR_CRED_AUTHNAME, libvirt.VIR_CRED_PASSPHRASE], req, None]
> > con = libvirt.openAuth(uri, auth, 0)
> > ============================================================================
> > 
> > The script never enter req() method but prompts for password, after I enter
> > the password I am able to connect to the remote machine.
> 
> The '+ssh' method actually spawns the /usr/bin/ssh binary to connect to
> the remote host. As such libvirt has no API mechanism to handle credential
> collection for the binary via openAuth(). So the only viable way to use the
> +ssh method is with SSH keys and SSH agent, to avoid any interactive auth
> prompts.
> 
> There is an alternative method +libssh2 which uses the libssh2 library
> instead of SSH binary. This allows libvirt to collect credentials via
> the openAuth() method.
> 
>   http://libvirt.org/remote.html#Remote_URI_reference
Thank you Daniel,
Decided to go with xen+ssh with public key authentication which works fine.
I notice a problem in several methods that returns:
"libvirt: Remote Driver error : unknown procedure: 273"

for example listDefinedDomains works fine:
In [104]: con.listDefinedDomains()
Out[104]: ['fedora22']

but listAllDomains fails:
============================================================================
In [105]: con.listAllDomains()
libvirt: Remote Driver error : unknown procedure: 273
---------------------------------------------------------------------------
libvirtError                              Traceback (most recent call last)
<ipython-input-105-a702d3dbcff3> in <module>()
----> 1 con.listAllDomains()

/usr/lib64/python2.7/site-packages/libvirt.pyc in listAllDomains(self, flags)
4925         ret = libvirtmod.virConnectListAllDomains(self._o, flags)
4926         if ret is None:
-> 4927             raise libvirtError("virConnectListAllDomains()
failed", conn=self)
4928
4929         retlist = list()
============================================================================

Any suggestion why?

Thank you,
 Shahar.


> 
> Regards,
> Daniel
> -- 
> |: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
> |: http://libvirt.org              -o-             http://virt-manager.org :|
> |: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
> |: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvirt-users mailing list