docs/system/secrets.rst

4 -----------------------------
9 unlock key material, remote desktop services require an access password.
13 At startup this can be done using the ``-object secret,...`` command line
15 monitor commands. The examples that follow will illustrate use of ``-object``
25 multi-user host. Command line arguments are usually visible in the process
36    -object secret,id=secvnc0,data=87539319
45    -object secret,id=secvnc0,data=ODc1MzkzMTk=,format=base64
58    -object secret,id=secvnc0,file=vnc-password.txt
61 In this example the file ``vnc-password.txt`` contains the plain text secret
72    -object secret,id=sec0,file=vnc-password.txt,format=base64
77 will be launched under. If using mandatory access control such as SELinux, then
78 the file should be labelled to only grant access to the specific QEMU process
79 that needs access. This will prevent other processes/users from compromising the
95    -object secret,id=secmaster,file=masterkey.data,format=base64
99 cryptographically secure random bytes, which are then base64 encoded.
100 The contents of this file will by used as an AES-256 key to encrypt the
105    -object secret,id=secvnc0,keyid=secmaster,data=BASE64-CIPHERTEXT,iv=BASE64-IV,format=base64
108 In this example ``BASE64-CIPHERTEXT`` is the result of AES-256-CBC encrypting
110 The ``BASE64-IV`` data is 16 random bytes which have been base64 encrypted.
111 These bytes are used as the initialization vector for the AES-256-CBC value.
124    -object secret_keyring,id=secvnc0,serial=1729
133    -object secret_keyring,id=secvnc0,serial=1729,format=base64
140    -object secret_keyring,id=secvnc0,keyid=secmaster,serial=1729,iv=BASE64-IV
150 from a cryptographically secure random data source. The master key should be
152 the key file must have access control rules applied that restrict access to
160 not be compromised, even if ``-object`` CLI args or ``object_add`` monitor