On Fri, Sep 15, 2017 at 01:03:54PM +0100, Peter Maydell wrote: > On 15 September 2017 at 12:40, Daniel P. Berrange <berra...@redhat.com> wrote: > > IIUC, the public part of the key gets exposed to the guest images via > > cloud-init metadata. During boot the guest read this metadata and add > > the public key to authorized_keys. The private key is used by the test > > suite on the host so that it can now login to the guests. > > > > So the risk here is that if these guests were exposed to the LAN in any > > way, someone could grab our private key and login to these guests. > > > > What saves us is that the VMs are run with user mode slirp networking > > so AFAICT, aren't exposed to the LAN. > > If I'm reading the right bit of the script we run QEMU with a > hostfwd specification using 0.0.0.0 as the host part -- doesn't > that listen on all interfaces including the LAN ones?
Actually yes, you are right, my bad. That needs to be fixed to use 127.0.0.1 for sure. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
