From c34fe9a52abdde05cb31c5bd2c99237652e1b0dc Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 11 Jul 2022 09:01:56 +0200 Subject: [PATCH] input-xen: sync "-ip" limitations language from input-vmware manual My analysis in was partially wrong; I had missed that for the xen+ssh transport, the client-side libvirt library launches a naked "ssh" utility, underneath "Libvirt.Connect.connect_auth": setup [input/input_xen_ssh.ml] Libvirt.Connect.connect_auth no effect of "-ip" Nbdkit_ssh.create_ssh [input/nbdkit_ssh.ml] starts nbdkit with the ssh plugin honoring "-ip" Which requires a password just the same, and ignores "-ip" just the same. Recommend the ssh agent in the docs. Fixes: 46298c6514710013c59828b4933f0b3b1a354566 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1854275 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2062360 Signed-off-by: Laszlo Ersek Message-Id: <20220711070157.5399-2-lersek@redhat.com> Reviewed-by: Richard W.M. Jones (cherry picked from commit ae067a9ce0eb5631940a8cc5dcc5ee056903276b) --- docs/virt-v2v-input-xen.pod | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/virt-v2v-input-xen.pod b/docs/virt-v2v-input-xen.pod index ad5772de..80ad94f7 100644 --- a/docs/virt-v2v-input-xen.pod +++ b/docs/virt-v2v-input-xen.pod @@ -32,6 +32,11 @@ server to the Xen host. For example: $ ssh root@xen.example.com [ logs straight into the shell, no password is requested ] +Note that support for non-interactive authentication via the I<-ip> +option is incomplete. Some operations remain that still require the +user to enter the password manually. Therefore ssh-agent is recommended +over the I<-ip> option. See L. + With some modern ssh implementations, legacy crypto policies required to interoperate with RHEL 5 sshd are disabled. To enable them you may need to run this command on the conversion server (ie. ssh client),