[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to q
|
From: |
Kevin Wolf |
|
Subject: |
Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img |
|
Date: |
Fri, 13 Mar 2015 09:26:02 +0100 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Am 12.03.2015 um 17:58 hat Paolo Bonzini geschrieben:
> > For cold plug, have a command line arg '--add-keys prompt' to
> > indicate the user should be prompted on TTY to enter keys,
>
> This can even be the default if you have a human monitor open.
> (Downside: the default human monitor, accessible with Ctrl-Alt-2, is not
> easily discovered; same for Ctrl-A c for -nographic).
In some ancient version this actually worked as expected: When you
started a VM with an encrypted image, the HMP monitor was active, and
after providing the password, it switched to the graphical output.
> > For managed usage we could allow
> > '--add-keys fd=FDNUM' and just read keys from the file descriptor.
>
> For managed usage, options can also be passed via -readconfig like
>
> [object "mykey1"]
> type=secret
> secret=SECRETDATA
Hopefully not using a real file, but /dev/fdset/something.
Kevin
- Re: [Qemu-devel] [PATCH RFC 1/2] block: Limit opening of encrypted images to qemu-img, (continued)
Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img, Daniel P. Berrange, 2015/03/10
Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img, Paolo Bonzini, 2015/03/12
- Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img,
Kevin Wolf <=