From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:58643)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1UQE0P-0006G8-T0
	for qemu-devel@nongnu.org; Thu, 11 Apr 2013 05:41:24 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1UQE0M-0003Vm-Aj
	for qemu-devel@nongnu.org; Thu, 11 Apr 2013 05:41:21 -0400
Received: from mail-ea0-x229.google.com ([2a00:1450:4013:c01::229]:58795)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1UQE0M-0003VW-4a
	for qemu-devel@nongnu.org; Thu, 11 Apr 2013 05:41:18 -0400
Received: by mail-ea0-f169.google.com with SMTP id n15so630756ead.14
	for <qemu-devel@nongnu.org>; Thu, 11 Apr 2013 02:41:17 -0700 (PDT)
Date: Thu, 11 Apr 2013 11:41:14 +0200
From: Stefan Hajnoczi <stefanha@gmail.com>
Message-ID: <20130411094114.GA9165@stefanha-thinkpad.redhat.com>
References: <1365517855-16906-1-git-send-email-rjones@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1365517855-16906-1-git-send-email-rjones@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v9 1/3] block: Add support for Secure Shell
 (ssh) block device.
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Richard W.M. Jones" <rjones@redhat.com>
Cc: qemu-devel@nongnu.org

On Tue, Apr 09, 2013 at 03:30:52PM +0100, Richard W.M. Jones wrote:
> Changes since v8:
> 
> - Implement the suggestions of Stefan Hajnoczi.
> 
> - Add host_key_check parameter, which you can use like this:
> 
>   ssh://[...]?host_key_check=no     # skip the check entirely
>   ssh://[...]?host_key_check=yes    # the default, uses known_hosts
> 
>   # or check for a specific host key fingerprint:
>   ssh://[...]?host_key_check=md5:<usual SSH host key fingerprint>
>   ssh://[...]?host_key_check=sha1:<SHA1 fingerprint>
> 
> Note that I cannot persuade OpenSSH to display the SHA1 fingerprint of
> a host key, so sha1: is not tested.
> 
> A possible extension to this would be to check for the exact key (not
> the fingerprint, which is just a hash of the key), although in this
> case the URI would be very long indeed, possibly longer than URIs are
> supposed to be in some cases.
> 
> Rich.

Thanks, applied to my block tree:
https://github.com/stefanha/qemu/commits/block

libssh2.git now includes fsync support so we can take the fsync patch.

Stefan