git.ipfire.org Git - thirdparty/libvirt.git/commit

author	Michal Privoznik <mprivozn@redhat.com>
	Mon, 9 Nov 2020 19:45:36 +0000 (20:45 +0100)
committer	Michal Privoznik <mprivozn@redhat.com>
	Wed, 18 Nov 2020 15:18:25 +0000 (16:18 +0100)
commit	de0b6dd63ef9353c20ed6242aff641e7c5e4abda
tree	ed4c12f99a0a3796d964bd185d805c0a10d7bbee	tree
parent	7dc12ac2f8d626acd11ac912a2102fd39a25d812	commit \| diff

Introduce OpenSSH authorized key file mgmt APIs

When setting up a new guest or when a management software wants
to allow access to an existing guest the
virDomainSetUserPassword() API can be used, but that might be not
good enough if user want to ssh into the guest. Not only sshd has
to be configured to accept password authentication (which is
usually not the case for root), user have to type in their
password. Using SSH keys is more convenient. Therefore, two new
APIs are introduced:

virDomainAuthorizedSSHKeysGet() which lists authorized keys for
given user, and

virDomainAuthorizedSSHKeysSet() which modifies the authorized
keys file for given user (append, set or remove keys from the
file).

It's worth nothing that while authorized_keys file entries have
some structure (as defined by sshd(8)), expressing that structure
goes beyond libvirt's focus and thus "keys" are nothing but an
opaque string to libvirt.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>

include/libvirt/libvirt-domain.h		diff \| blob \| blame \| history
src/driver-hypervisor.h		diff \| blob \| blame \| history
src/libvirt-domain.c		diff \| blob \| blame \| history
src/libvirt_public.syms		diff \| blob \| blame \| history