On Friday, 26 July 2019 16:27:11 CEST Richard W.M. Jones wrote: > On Fri, Jul 26, 2019 at 04:09:52PM +0200, Pino Toscano wrote: > > These two patches add the password and private key authentication > > methods to the ssh block driver, using secure objects for > > passwords/passphrases. > > I was attempting to test this but couldn't work out the full command > line to use it (with qemu-img). I got as far as: > > $ ./qemu-img convert -p 'json:{ "file.driver": "ssh", "file.host": "devr7", > "file.path": "/var/tmp/root", "file.password-secret": "..." }' /var/tmp/root > > I guess the secret should be specified using --object, but at that > point I gave up.
Almost there :) add e.g. --object 'secret,id=sec0,file=passwd' as parameter for the convert command (so after it, not before), and then set 'sec0' as value for file.password-secret. Of course 'sec0' is arbitrary, any other QEMU id will do. A long helpful comment in include/crypto/secret.h explains the basics of the crypto objects. -- Pino Toscano
signature.asc
Description: This is a digitally signed message part.