From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:51286)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1ULCtX-00014z-5s
	for qemu-devel@nongnu.org; Thu, 28 Mar 2013 09:29:32 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1ULCtU-0000hY-I0
	for qemu-devel@nongnu.org; Thu, 28 Mar 2013 09:29:31 -0400
Received: from mail-wi0-x22a.google.com ([2a00:1450:400c:c05::22a]:35692)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1ULCtU-0000hI-B5
	for qemu-devel@nongnu.org; Thu, 28 Mar 2013 09:29:28 -0400
Received: by mail-wi0-f170.google.com with SMTP id hm11so3384131wib.1
	for <qemu-devel@nongnu.org>; Thu, 28 Mar 2013 06:29:27 -0700 (PDT)
Date: Thu, 28 Mar 2013 14:29:24 +0100
From: Stefan Hajnoczi <stefanha@gmail.com>
Message-ID: <20130328132924.GD22865@stefanha-thinkpad.redhat.com>
References: <1364399849-5518-1-git-send-email-rjones@redhat.com>
	<1364399849-5518-2-git-send-email-rjones@redhat.com>
	<20130328104732.GA15114@stefanha-thinkpad.redhat.com>
	<20130328111657.GA1461@rhmail.home.annexia.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20130328111657.GA1461@rhmail.home.annexia.org>
Subject: Re: [Qemu-devel] [PATCH v4] block: Add support for Secure Shell
 (ssh) block device.
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Richard W.M. Jones" <rjones@redhat.com>
Cc: qemu-devel@nongnu.org

On Thu, Mar 28, 2013 at 11:16:58AM +0000, Richard W.M. Jones wrote:
> On Thu, Mar 28, 2013 at 11:47:32AM +0100, Stefan Hajnoczi wrote:
> > ssh(1) prompts the user to accept the hostkey.  When QEMU fails like
> > this the user needs to run ssh(1) first to populate known_hosts?
> 
> Yes - I tested this and qemu will simply fail to open the disk with
> the error message about the host key not being found.  Currently you
> have to manually log in (eg. with ssh), accept the key in ssh, and
> then retry the qemu command.
> 
> Not that I think this is much of a problem, as long as the error is
> clear.
> 
> But ... if I wanted to make qemu interactively ask about host keys, or
> even accept passwords, how would I do that?  Is there a block device
> driver that asks for passwords that I can look at?
> 
> [The only mention of 'password' is in the iscsi driver, and that seems
> to be related to passing passwords in the URL (!?!)]

There is an API to prompt for a image encryption key, see
.bdrv_set_key().

Stefan