[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] How to change/set preferred SSL cipher suite for relocation (migration)?
On 12/16/15, Ian Campbell <ian.campbell@xxxxxxxxxx> wrote: > On Wed, 2015-12-16 at 01:01 +0330, Alireza Vaezi wrote: >> I'm using Xen 4.4.2 and I need to be able to change or set my preferred >> (available) ssl cipher suit like RC4-SHA, orÂDES-CBC-SHA , etc. to be >> further used in relocation/migration of domU via ssl. >> >> I suppose I need to make changes in Xen's source code and make-install it >> again, yet I don't know where to go and what to change. > > Despite appearances this is really a question for xen-users. > > "xl migrate" just uses ssh, so you can write whatever options you want into > .ssh/config, including per destination host parameters or whatever. > > There is also the -s option which gives a command which is called instead > of ssh, it gets given the $desthost and the command to run there ("xl > migrate-receive [options]") and can use whatever transport it likes to make > that happen (custom ssh command, talking to a custom daemon on the remote > end, etc). > > Ian. > I should have said this before. I'm finishing my masters of Computer Networks and for my research I need to compare the behavior of different security measures available, - such as protocols like SSH, SSL, IPSEC, etc.and the confidentiality they provide via encryption algorithms such as AES, DES, Blowfish, RC4 , etc. - for live migration. Due to the lack of example about using the -s option and the very VERY brief description on xen xl's man page about the -s : -s sshcommand Use <sshcommand> instead of ssh. String will be passed to sh. If empty, run <host> instead of ssh <host> xl migrate-receive [-d -e]. I needed to know either exactly how I could merely use the -s option to achieve my goal or to be able to actually modify xen's source code and put the ability to send migration data through, using SSL, and being able to choose which cipher to use. The former (using the -s options) must be far less complex than the latter. so I'd rather now how it could be used in my case, than changing the source code. But if custom coding is the only way, then I have and will do it. This i why I emailed xen-devel for this and because I seriously need to solve the problem. So which can do the job for me? -- S.Alireza.V _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |