Xen project Mailing List

Re: [Xen-users] xl migrate command - disable ssh

To: Katerina Mparmpopoulou <kate_mparmpop@xxxxxxxxxxx>

From: Sean Greenslade <zootboysean@xxxxxxxxx>

Date: Wed, 13 Mar 2013 20:28:08 -0400

Cc: "xen-users@xxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxx>

Delivery-date: Thu, 14 Mar 2013 00:29:45 +0000

List-id: Xen user discussion <xen-users.lists.xen.org>

On Wed, Mar 13, 2013 at 5:50 AM, Katerina Mparmpopoulou <kate_mparmpop@xxxxxxxxxxx> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all, > > I use xen 4.2.1 and i'm trying to do live migration without ssh. > > I read at the manual page of xl that if i place the option -s empty > the command is running as run <host>, instead of ssh <host>. > > I 've used the command with the following alternatives: > > - - sudo xl migrate VM3 root@ip -s > > - - sudo xl migrate VM3 root@ip -s '' > > the problem is that in the same time i run tcpdump (filtering the > particular interface/port 22/and the target host) and i can see the > ssh packets, even the -s option is empty (no parameters). > > my question is: > > How can I disable ssh???? > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQEcBAEBAgAGBQJRQEvWAAoJEIrShLVVnSKrp94H/3dqno4IolDeyvXDLJh9JAVX > jUR+/xBSpuH49N9dKxczOc89SWjPHNhZ58lvUlvZMm/NiPrRGmm+oR2nLg5YTue+ > A5GzX4X23v2P6lDNHYiCREIULzjKvZEMrT8MwmUy/+AGl3NZ0tw+uwgdctWd2kqK > eSiKqCErDTbjK73D74Mxrt4NWwSTOcGaBBZleqGOlQtIUIvlkBT+7OzsNqAlC8Ar > j+TN9TRmiYPJBC3IHLBW2ZrDs+9sxXAVwL2braJSY4sV1sXEfI17Z4fl48ubWOX0 > 4fh+Xg6esKK9Jy6LsMEJCEzvbpPEWyb0ukqeYDD3pFf2cTVKFQfN5fZxEH0QP9E= > =XrqQ > -----END PGP SIGNATURE----- > > _______________________________________________ > Xen-users mailing list > Xen-users@xxxxxxxxxxxxx > http://lists.xen.org/xen-users I'm rather curious as to why you want to disable SSH. Since the migration is passing raw memory blocks across the network, this is certainly something that ought to be encrypted to prevent both monkeying and sniffing. Regardless, to migrate using some program other than SSH, you need something akin to it (e.g. tenlet, RSH, etc.). Xen does not create a migration "socket" on its own, AFAIK the xl migrate scheme passes the data to xl on the receiving side through stdin on the terminal. -- --Zootboy Sent from some sort of computing device. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.