[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: [Libvir] PATCH: 1/10: SASL authentication support
- From: Jim Meyering <jim meyering net>
- To: "Daniel P. Berrange" <berrange redhat com>
- Cc: libvir-list redhat com
- Subject: Re: [Libvir] PATCH: 1/10: SASL authentication support
- Date: Fri, 30 Nov 2007 14:12:17 +0100
"Daniel P. Berrange" <berrange redhat com> wrote:
> On Thu, Nov 29, 2007 at 02:43:09PM -0500, Daniel Veillard wrote:
...
>> I know, I have also argued against it (and that's why libxml2 doesn't
>> parse it), but this can be way more convenient at times, and also
>> has the potential to remove asynchronous interaction for example
>> when using scripts.
>
> There's better ways to deal with scripting. eg, we could add a flag to
> virsh '--auth /path/to/file' where the file contained key,value pairs
> for each credential. Or could have an env var VIR_AUTH_FILE pointing
> to such a file, which can be processed by the default callback I aded.
> That lets you automate login, without leaking the confidential data
> anywhere.
Or, you could do what gpg does and use a gpg-agent-style envvar
to specify socket and PID:
GPG_AGENT_INFO=/path/to/socket:NNNNN:1
Then you'd use the path and pid used by your existing gpg-agent.
When I started gpg-signing things regularly, I switched from ssh-agent
to gpg-agent, and it takes care of auth for both gpg signing and
ssh connections.
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]