Hi Corey, Thanks a lot for your detailed answer!
2019-02-19, Corey Minyard: > If you really wanted to do this, you would need to implement the IPMI > LAN protocol inside QEMU and sit it on top of a UDP chardev. It could > then plug into the standard IPMI infrastructure in QEMU. The power > management functions are already there. > > The openipmi lanserv code is something you can steal from, it's at > https://github.com/cminyard/openipmi/tree/master/lanserv > > My suggestion, though, would be to implement something that ran over > TLS with two-way authentication. It doesn't look too hard to do > in qemu (though I haven't tried it) but you could have a qemu console > running over TLS that would allow you control from another qemu session. > Plus it would give you authorization and encryption on your qemu > console logins, which is probably a good thing. > > <shameless-plug> I have been working on a library that makes it easy > (easier? The pain is always in the key management) to make TLS > connections. It's at https://github.com/cminyard/gensio and you > can use it from C or Python.</shameless-plug> > But there are many tools to accomplish this. Ugh, I feared this would not be a walk in the park :) This is unfortunately too much work for me at the moment. I don't like it but I think I will have to live with vms communicating through a SLIRP device to access the ipmi lanserv daemon. I just need to figure out how this works, because vbmc-qemu does not cut it for me. It does not allow fine-tuning the QEMU command line. -- Robin
