On 06/12/2015 12:14 PM, Dan Mossor wrote: > On 06/12/2015 03:48 AM, Daniel P. Berrange wrote: >> On Thu, Jun 11, 2015 at 05:26:20PM -0500, Dan Mossor wrote: >>> I manage libvirtd on a few remote machines, and my security policies >>> require >>> me to disable root login via SSH. Up to this point, I've been using >>> root due >>> to the systems being in staging, but this is the final step before >>> they're >>> moved to production. >>> >>> What is the current proscribed method of connecting virt-manager or >>> virsh to >>> a remote system with a non-root account? I keep getting "authentication >>> failed: no agent is available to authenticate" with a user that is >>> in the >>> kvm and qemu groups on the systems I've tried using the ssh transport. >> >> This guide ought to help you set it up >> >> http://wiki.libvirt.org/page/SSHPolicyKitSetup >> > Ok, so I finally got it working. > > The SSHPolicyKitSetup page at the libvirt wiki states right at the top > that "As of polkit 0.106 the .pkla format is no more, and these > configuration files must be written in Javascript." > > Further down the page, it reinforces this statement with "The > information in this section is obsolete; see the top of this page for > more information." > > However, both of those statements are incorrect. Following the > directions provided by [1] from the wiki page produced zero results - > the operation still failed with "authentication failed: no agent is > available to authenticate" when attempting to connect. [...] It sounds like you're volunteering to update the wiki page :-) (Seriously, auto account creation is disabled on the wiki, but Dan Berrange has the necessary credentials to create an account for you.) -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list