diff --git a/docs/remote.html.in b/docs/remote.html.in
index 39d65aaabe9d74bdee83a6c8ab30504081ff9b66..b55495093945bf18d45b1d1312eadca520b48f1d 100644
--- a/docs/remote.html.in
+++ b/docs/remote.html.in
@@ -275,6 +275,22 @@ Note that parameter values must be
 Example: netcat=/opt/netcat/bin/nc
+
+
+
+ keyfile
+
+ ssh
+
+ The name of the private key file to use to authentication to the remote
+ machine. If this option is not used the default keys are used.
+
+
+
+
+ Example: keyfile=/root/.ssh/example_key
+
+
 no_verify
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index ec4133b2bcf7610aa895fd510f0b65a10179ac06..665ef04a34da52ec5c52a139b4214f42aec97bbb 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -352,7 +352,7 @@ doRemoteOpen (virConnectPtr conn,
 char *name = NULL, *command = NULL, *sockname = NULL, *netcat = NULL;
 char *port = NULL, *authtype = NULL, *username = NULL;
 int no_verify = 0, no_tty = 0;
- char *pkipath = NULL;
+ char *pkipath = NULL, *keyfile = NULL;
 /* Return code from this function, and the private data. */
 int retcode = VIR_DRV_OPEN_ERROR;
@@ -425,6 +425,11 @@ doRemoteOpen (virConnectPtr conn,
 netcat = strdup (var->value);
 if (!netcat) goto out_of_memory;
 var->ignore = 1;
+ } else if (STRCASEEQ (var->name, "keyfile")) {
+ VIR_FREE(keyfile);
+ keyfile = strdup (var->value);
+ if (!keyfile) goto out_of_memory;
+ var->ignore = 1;
 } else if (STRCASEEQ (var->name, "no_verify")) {
 no_verify = atoi (var->value);
 var->ignore = 1;
@@ -582,6 +587,7 @@ doRemoteOpen (virConnectPtr conn,
 no_tty,
 no_verify,
 netcat ? netcat : "nc",
+ keyfile,
 sockname)))
 goto failed;
@@ -681,6 +687,7 @@ doRemoteOpen (virConnectPtr conn,
 VIR_FREE(sockname);
 VIR_FREE(authtype);
 VIR_FREE(netcat);
+ VIR_FREE(keyfile);
 VIR_FREE(username);
 VIR_FREE(port);
 VIR_FREE(pkipath);
diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
index 7e88abaaa944a692df8dc37d805fb71ca3cbacbf..b845555bece233d2c707fb7e425021e917c0a852 100644
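Review bot: In src/remote/remote_driver.c (hunk at -425), the new `keyfile` branch of doRemoteOpen copies `var->value` without checking it, so a URI carrying an empty `keyfile=` yields an empty string that the `if (keyfile)` test in virNetSocketNewConnectSSH (src/rpc/virnetsocket.c) still turns into `-i ""`. Either skip empty values here or tighten the later guard to `if (keyfile && *keyfile)`. The value also lets whoever supplies the connection URI pick which local private key file ssh reads, so callers that build URIs from untrusted input should treat `keyfile` as a locally sensitive parameter, as they would `netcat`; a short comment at this branch saying so would help. doRemoteOpen starts and ends outside this hunk, so the handling of `keyfile` on non-ssh transports cannot be confirmed from here.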
--- a/src/rpc/virnetclient.c
+++ b/src/rpc/virnetclient.c
@@ -201,11 +201,13 @@ virNetClientPtr virNetClientNewSSH(const char *nodename,
 bool noTTY,
 bool noVerify,
 const char *netcat,
+ const char *keyfile,
 const char *path)
 {
 virNetSocketPtr sock;
- if (virNetSocketNewConnectSSH(nodename, service, binary, username, noTTY, noVerify, netcat, path, &sock) < 0)
+ if (virNetSocketNewConnectSSH(nodename, service, binary, username, noTTY,
+ noVerify, netcat, keyfile, path, &sock) < 0)
 return NULL;
 return virNetClientNew(sock, NULL);
diff --git a/src/rpc/virnetclient.h b/src/rpc/virnetclient.h
index a0983bc734b195e1c9f2762da8f2704570d5cbc6..90d19d397c8208e4ce9219b7ea4e7130a7ff80f8 100644
--- a/src/rpc/virnetclient.h
+++ b/src/rpc/virnetclient.h
@@ -46,6 +46,7 @@ virNetClientPtr virNetClientNewSSH(const char *nodename,
 bool noTTY,
 bool noVerify,
 const char *netcat,
+ const char *keyfile,
 const char *path);
 virNetClientPtr virNetClientNewExternal(const char **cmdargv);
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 71df9512997037c5d74ecc14fa614eaebc576a0f..d4c0bdd799677fe776ce31588a60720eaceda950 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -594,6 +594,7 @@ int virNetSocketNewConnectSSH(const char *nodename,
 bool noTTY,
 bool noVerify,
 const char *netcat,
+ const char *keyfile,
 const char *path,
 virNetSocketPtr *retsock)
 {
@@ -611,6 +612,8 @@ int virNetSocketNewConnectSSH(const char *nodename,
 virCommandAddArgList(cmd, "-p", service, NULL);
 if (username)
 virCommandAddArgList(cmd, "-l", username, NULL);
+ if (keyfile)
+ virCommandAddArgList(cmd, "-i", keyfile, NULL);
 if (noTTY)
 virCommandAddArgList(cmd, "-T", "-o", "BatchMode=yes", "-e", "none", NULL);
diff --git a/src/rpc/virnetsocket.h b/src/rpc/virnetsocket.h
index e13ab8fb150dba6f3951c34e1547d4c63436b022..dfb3c5d031ef7ff91c77d592bc0db4869df40d24 100644
--- a/src/rpc/virnetsocket.h
+++ b/src/rpc/virnetsocket.h
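Review bot: In src/rpc/virnetsocket.c (hunk at -611), adding only `-i keyfile` in virNetSocketNewConnectSSH does not restrict ssh to that key: identities offered by a running ssh-agent can still be tried, so the key that authenticates may not be the one named in the URI. A server with a low authentication-attempt limit may also close the connection before the file is reached. If the intent is "use exactly this key", add `"-o", "IdentitiesOnly=yes"` inside the same `if (keyfile)` branch; otherwise docs/remote.html.in should say the file is offered in addition to agent identities. A one-line comment on the new parameter, for example `/* keyfile: path handed to ssh -i, or NULL to leave identity selection to ssh */`, would document the NULL case. The function body starts and ends outside this hunk.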
@@ -69,6 +69,7 @@ int virNetSocketNewConnectSSH(const char *nodename,
 bool noTTY,
 bool noVerify,
 const char *netcat,
+ const char *keyfile,
 const char *path,
 virNetSocketPtr *addr);
diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
index 0c86b84e8a230df35e44786fe83f3d7b5d0a3eb7..e72b9a01ba6486a2454055afd3b92e48525a904c 100644
--- a/tests/virnetsockettest.c
+++ b/tests/virnetsockettest.c
@@ -379,6 +379,7 @@ struct testSSHData {
 bool noTTY;
 bool noVerify;
 const char *netcat;
+ const char *keyfile;
 const char *path;
 const char *expectOut;
@@ -400,6 +401,7 @@ static int testSocketSSH(const void *opaque)
 data->noTTY,
 data->noVerify,
 data->netcat,
+ data->keyfile,
 data->path,
 &csock) < 0)
 goto cleanup;
@@ -542,6 +544,16 @@ mymain(void)
 if (virtTestRun("SSH test 5", 1, testSocketSSH, &sshData5) < 0)
 ret = -1;
+ struct testSSHData sshData6 = {
+ .nodename = "example.com",
+ .path = "/tmp/socket",
+ .keyfile = "/root/.ssh/example_key",
+ .noVerify = true,
+ .expectOut = "-i /root/.ssh/example_key -o StrictHostKeyChecking=no example.com nc -U /tmp/socket\n",
+ };
+ if (virtTestRun("SSH test 6", 1, testSocketSSH, &sshData6) < 0)
+ ret = -1;
+
 #endif
 return (ret==0 ? EXIT_SUCCESS : EXIT_FAILURE);
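Review bot: In tests/virnetsockettest.c (hunk at -542), the only keyfile case, `sshData6`, also sets `.noVerify = true`, so `-i` is never checked on its own, and its position after the `-p`/`-l` arguments that virNetSocketNewConnectSSH emits before it is not pinned. A second case with `noVerify` left false, and with a user name and service set if testSSHData carries those fields (not visible in this hunk), would cover the ordering. It would also avoid the only keyfile example being one with host key checking disabled. No case sets `.keyfile = ""`, so the empty-value path through `if (keyfile)` is untested. mymain continues outside the hunk.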