cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yiping Zhang <yzh...@marketo.com>
Subject user credential for adding kvm hosts
Date Tue, 19 Aug 2014 17:19:40 GMT
Hi, all

I have asked this question on users list, but got no answers, so moving the question to dev
list:

When adding a new (kvm) host to a cluster, the UI asks for a user name (doc says “usually
the root”) and its password.  It seems that CS management server will ssh into port 22 of
new host with this username/password to do its magics (requires root privilege!). And I also
noticed through experiments that this credential is also required when bringing a  host in
or out of maintenance mode etc.

Because our corporate security policy does not allow direct root user login with a password,
I am wondering are there any other mechanisms available to allow CS management server to manage
(kvm) hypervisor hosts?  Possible solutions are using either public key authentication for
root or using a non root user with sudo privilege on hypervisor hosts.  I have not found documentations
on this subject.

Thanks,

Yiping


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message