On Thu, Sep 15, 2011 at 08:51:00AM +1000, ronnie sahlberg wrote:
> On Thu, Sep 15, 2011 at 12:36 AM, Christoph Hellwig <h...@lst.de> wrote:
> ...
> >> > +/*
> >> > + * We support iscsi url's on the form
> >> > + * iscsi://[<username>%<password>@]<host>[:<port>]/<targetname>/<lun>
> >> > + */
> >
> > Is having username + password on the command line really that good an idea?
> > Also what about the more complicated iSCSI authentication schemes?
>
> In general it is a very bad idea. For local use on a private box it is
> convenient to be able to use "<username>%<password>@" syntax.
> For use on a shared box, libiscsi supports an alternative method too
> by setting the username and/or password via environment variables:
> LIBISCSI_CHAP_USERNAME=... LIBISCSI_CHAP_PASSWORD=...
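
Review bot: the comment documenting the URL form gives "<username>%<password>@" but does not say how a username or password that itself contains '%', '@' or '/' is to be written, so a reader cannot tell whether such credentials are supported or need escaping; a sentence on that belongs in the comment. Because this form carries the password inside the URL, the comment should also state that the password is exposed wherever the URL appears, and point to whatever alternative the code offers for supplying it.
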
Environment variables are only a tiny bit better, since this still
allows the password to leak to any processes which can read
/proc/$PID/environ. It is also undesirable wrt many distro
troubleshooting tools (e.g. Fedora/RHEL's sosreport) which capture the
contents of /proc/$PID/environ as part of their data collection
process. This means your passwords will end up in attachments to
bugzilla / issue tracker tickets.

For block devs with encrypted QCow2 disks (and VNC/SPICE) QEMU requires
the password to be set via the monitor. Since this iscsi: protocol is
part of the block layer, IMHO, the password should be settable the same
way via the monitor.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org       -o-             http://virt-manager.org :|
|: http://autobuild.org     -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o-       http://live.gnome.org/gtk-vnc :|
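
As an added illustration of the leak described above (not code from this thread, QEMU or libiscsi), the following Python redacts CHAP secrets from captured /proc/$PID/environ and /proc/$PID/cmdline contents before they are attached to a ticket. The generic secret-name pattern, the assumption that the password ends at the first '@', and the sample blobs are this example's own.

```python
import re

# Variable names whose values are treated as secret. LIBISCSI_CHAP_PASSWORD is
# the name given in the thread; the generic pattern is this example's assumption.
SECRET_NAME = re.compile(rb"PASSWORD|PASSWD|SECRET|TOKEN", re.I)

# iscsi://[<username>%<password>@]<host>... as documented in the quoted patch.
# Assumption: the password runs up to the first '@'.
ISCSI_CRED = re.compile(rb"(iscsi://[^%@/\0]+%)[^@\0]*@")


def redact_environ(blob: bytes) -> bytes:
    """Redact secret values in /proc/<pid>/environ data (NUL-separated NAME=value)."""
    out = []
    for entry in blob.split(b"\0"):
        name, sep, _value = entry.partition(b"=")
        if sep and SECRET_NAME.search(name):
            entry = name + b"=<redacted>"
        out.append(entry)
    return b"\0".join(out)


def redact_cmdline(blob: bytes) -> bytes:
    """Redact the password part of iscsi:// URLs in /proc/<pid>/cmdline data."""
    return ISCSI_CRED.sub(rb"\1<redacted>@", blob)


def secret_names(blob: bytes) -> list:
    """Names of environment variables in the blob that carry a secret."""
    names = []
    for entry in blob.split(b"\0"):
        name, sep, _value = entry.partition(b"=")
        if sep and SECRET_NAME.search(name):
            names.append(name.decode("utf-8", "replace"))
    return names


if __name__ == "__main__":
    # Constructed sample data, in the layout the kernel uses for these files.
    env = (b"PATH=/usr/bin\0LIBISCSI_CHAP_USERNAME=alice\0"
           b"LIBISCSI_CHAP_PASSWORD=s3cret\0")
    cmd = (b"qemu-system-x86_64\0-drive\0"
           b"file=iscsi://alice%s3cret@192.0.2.10:3260/iqn.2011-09.example:disk0/1\0")
    print(secret_names(env))
    print(redact_environ(env).replace(b"\0", b"\n").decode())
    print(redact_cmdline(cmd).replace(b"\0", b" ").decode())
```
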