Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img

Am 12.03.2015 um 17:58 hat Paolo Bonzini geschrieben: > > For cold plug, have a command line arg '--add-keys prompt' to > > indicate the user should be prompted on TTY to enter keys, > > This can even be the default if you have a human monitor open. > (Downside: the default human monitor, accessib

Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img

On 10/03/2015 19:13, Daniel P. Berrange wrote: > FWIW, I could see an improved interaction scheme working as follows > > First, introduce a new monitor command for setting named passwords, > > add_key mykey1 SECRETDATA Or reuse object_add: object_add secret,id=mykey1,secret=SECRETDATA

Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img

On Wed, Mar 11, 2015 at 09:55:16AM +0100, Markus Armbruster wrote: > "Daniel P. Berrange" writes: > > > On Tue, Mar 10, 2015 at 06:26:38PM +0100, Markus Armbruster wrote: > >> RFC because the series only covers open [PATCH 1], but not create. > >> Also missing: make qemu-img print a warning when

Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img

Am 11.03.2015 um 10:59 hat Daniel P. Berrange geschrieben: > On Wed, Mar 11, 2015 at 09:55:16AM +0100, Markus Armbruster wrote: > > "Daniel P. Berrange" writes: > > > FWIW, I could see an improved interaction scheme working as follows > > > > > > First, introduce a new monitor command for setting

Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img

"Daniel P. Berrange" writes: > On Wed, Mar 11, 2015 at 09:55:16AM +0100, Markus Armbruster wrote: >> "Daniel P. Berrange" writes: [...] >> > My only concern here is whether we've given users enough prior >> > warning. While we added that doc change a year ago, what are the >> > odds that anyone

Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img

"Daniel P. Berrange" writes: > On Tue, Mar 10, 2015 at 06:26:38PM +0100, Markus Armbruster wrote: >> RFC because the series only covers open [PATCH 1], but not create. >> Also missing: make qemu-img print a warning when it creates an >> encrypted image. Finally, some of the material in the cover

Re: [Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img

On Tue, Mar 10, 2015 at 06:26:38PM +0100, Markus Armbruster wrote: > RFC because the series only covers open [PATCH 1], but not create. > Also missing: make qemu-img print a warning when it creates an > encrypted image. Finally, some of the material in the cover letter > should be worked into the

[Qemu-devel] [PATCH RFC 0/2] Limit support for encrypted images to qemu-img

RFC because the series only covers open [PATCH 1], but not create. Also missing: make qemu-img print a warning when it creates an encrypted image. Finally, some of the material in the cover letter should be worked into the commit messages. We've steered users away from QCOW/QCOW2 encryption for a