----- Original Message ----- > From: "Sven Kieske" <[email protected]> > To: [email protected] > Sent: Tuesday, October 21, 2014 10:30:34 AM > Subject: Re: [ovirt-users] [Fwd: options for root and password] > > > > On 21/10/14 09:21, Sven Kieske wrote: > > > > > > On 21/10/14 09:05, Yedidyah Bar David wrote: > >> ----- Original Message ----- > >>> From: "Hoot Thompson" <[email protected]> > >>> To: [email protected] > >>> Sent: Tuesday, October 21, 2014 3:52:24 AM > >>> Subject: [ovirt-users] [Fwd: options for root and password] > >>> > >>> > >>> > >>> Is there an alternative to the root/paasword approach to managing hosts > >>> (by the engine)? Our preference would be keys/passphrase if that's > >>> possible. > >> > >> IIRC we already allow that, no? In the "new host" dialog you can choose > >> "ssh public key". > >> > >> Best, > >> > > > > Well there is this wiki page: > > > > http://www.ovirt.org/Features/Ssh_Abilities > > > > but it is from 2013 and has this security hole: > > > > "Currently we don't enforce fingerprint validation." > > > > I don't know if this is still valid, I don't find any > > options regarding public/private keys in ovirt 3.3. but > > I would be very interested in this topic to tighten security. > > > > I found this: > > http://www.ovirt.org/OVirt_Administration_Guide#Host_Tasks > > "Select an authentication method to use with the host. > > 1. Enter the root user's password to use password authentication. > 2. Copy the key displayed in the SSH PublicKey field to > /root/.ssh/authorized_keys on the host to use public key authentication." > > I guess this just works from version 3.4 upwards or also for 3.3.? > if for 3.3. since which z stream release?
As far as I remember it is since 3.4. _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
