|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-users] Xen 4.2 - Security on Live Migration
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello all,
I've recently switch from Xen 4.1 to 4.2.1 and from xm/xend to
xl/libxl toolstack as well.
Although Xen 4.1 did not support Secure Live Migration by default, I
could modify the /etc/xen/xend-config.sxp file giving any level of
security I wanted, either allow only specific hosts, or using ssl and
adjusting my private key and the certificate.
#### e x a m p l e ####
###### uncommented modules in /etc/xen/xend-config.sxp ######
##### ######
(xend-relocation-ssl-server yes)
(xend-relocation-ssl-port 8003)
(xend-relocation-server-ssl-key-file server.key)
(xend-relocation-server-ssl-cert-file server.crt)
(xend-relocation-ssl yes)
Xen 4.2
- - uses xl by default [By default xl relies on ssh as a transport
mechanism between the two hosts.]
- - and also Xen daemon configuration file (xend-config.sxp ) is
officially deprecated
My question is, Is there any way that I can control the level of
security in Xen 4.2 considering Live Migration? Should I look in
specific libxl files??
Katerina
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJRLUqFAAoJEIrShLVVnSKr6BUH/i9unhmMJMDMDOC2yO5SA0dX
s/lju/k0QI37gDRNOvf8TI85FbuGGyaN/PHpAn8ElbVi3sRFIuMbTg824EYuTcmW
5SmfQay7igHiqb8VxLYAaeVgWTpRpLpI22w+X2NFjs9TPghdNH/s3RVJUg1jdo0M
+KpzvDM4eH1t8LSG8weMsPGAzoeP017ri4DKR6YG7gLbUy6WKG+E4MnOZT3FYI1j
+i1duavyPirX3LjbW+vSvFNu60O2ze2dDPjZKwXbs/buUzH7hkiazdplfSlXG589
7s3bt3kA/NvZ64QT+chThHwW/GjKc5gNTinr/s0jxD8dTqwPndqHWdH/VQEc/qc=
=hvsE
-----END PGP SIGNATURE-----
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |