[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH test-artifacts v1 5/5] Setup ssh access to test systems

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
From: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 23 Jun 2025 16:15:48 +0200
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Mon, 23 Jun 2025 14:16:08 +0000
Feedback-id: i1568416f:Fastmail
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, Jun 23, 2025 at 02:56:00PM +0100, Andrew Cooper wrote:
> On 23/06/2025 2:46 pm, Marek Marczykowski-Górecki wrote:
> > For this add also bridge package, so xenbr0 can be configured with
> > /etc/network/interfaces.
> > This allows extracting more logs out of the test system.
> >
> > Signed-off-by: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
> > ---
> > This enables passwordless root login. It's okay for qubes runners, as
> > they are isolated (even from each other). Is that okay in other places
> > too?
> 
> It's potentially a problem on a corporate network.
> 
> Can't we have each job generate a random password an insert it via the
> dom0-rootfs overlay?
> 
> Or alternatively have the runner drop a public key in
> /root/.ssh/authorised_keys ?

That can work, yes. And is preferred to a password, as easier to do
non-interactively.

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: [PATCH test-artifacts v1 5/5] Setup ssh access to test systems
  - From: Stefano Stabellini

References:
- [PATCH test-artifacts v1 0/5] Changes for building arbitrary Linux branch and for hw12 runner
  - From: Marek Marczykowski-Górecki
- [PATCH test-artifacts v1 5/5] Setup ssh access to test systems
  - From: Marek Marczykowski-Górecki
- Re: [PATCH test-artifacts v1 5/5] Setup ssh access to test systems
  - From: Andrew Cooper

Prev by Date: Re: [PATCH test-artifacts v1 3/5] Include git in the ARM64 build container too
Next by Date: Re: [PATCH v4 10/12] xen: Rename CONFIG_HAS_DEVICE_TREE to CONFIG_HAS_DEVICE_TREE_DISCOVERY
Previous by thread: Re: [PATCH test-artifacts v1 5/5] Setup ssh access to test systems
Next by thread: Re: [PATCH test-artifacts v1 5/5] Setup ssh access to test systems
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.