Updated QVM post.
parent f3a4169734
commit 1993487e49
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
title: Qemu SSH tunnel
|
||||
updated: 2017-04-26 20:00
|
||||
updated: 2017-10-22 18:00
|
||||
tags: [qemu, vnc, ssh tunnel]
|
||||
description: How to use qemu via VNC and SSH
|
||||
---
|
||||
|
@ -40,10 +40,8 @@ a remote server. Let's see a trivial scheme of the VNC setup
|
|||
|
||||
```
|
||||
port 22 port 5900
|
||||
client <--> intermediary server <--> remote server
|
||||
^ (it's in a localhost location
|
||||
| in respect to the intermediary
|
||||
| server)
|
||||
client <--> server.ssh_interface <--> server.vnc_interface
|
||||
^
|
||||
|
|
||||
|
|
||||
| port 5901
|
||||
|
@ -53,71 +51,51 @@ a remote server. Let's see a trivial scheme of the VNC setup
|
|||
|
||||
## Terminology
|
||||
|
||||
- `<-->`: connection or forwarding
|
||||
- `127.0.0.1`: local address (a.k.a `localhost`)
|
||||
- `server.address`: address of the intermediary server
|
||||
- `server-user`: login name of the intermediary server
|
||||
- `server.address`: address of the server
|
||||
- `server-user`: login name of the server
|
||||
- `vm-user`: login name of the virual machine
|
||||
|
||||
Note: `server.vnc_interface` is in a localhost location in respect to the
|
||||
`server.ssh_interface`, so we will not use the term *intermediary server*
|
||||
anymore.
|
||||
|
||||
## Server
|
||||
|
||||
First thing: since my server does not have a GUI I installed the
|
||||
`qemu-headless` package.
|
||||
|
||||
Here is the modified version of the install function of qvm
|
||||
|
||||
```shell
|
||||
installs()
|
||||
{
|
||||
qemu-system-x86_64 -m "$vm_memory" \
|
||||
-enable-kvm \
|
||||
-monitor pty -vnc 127.0.0.1:0 \
|
||||
-cdrom "$img_name" \
|
||||
-boot order=d \
|
||||
"$vhd_name" &
|
||||
}
|
||||
```
|
||||
|
||||
This line does the magic:
|
||||
```shell
|
||||
-monitor pty -vnc 127.0.0.1:0 \
|
||||
```
|
||||
|
||||
The run function has now that same magic line:
|
||||
```shell
|
||||
[...]
|
||||
qemu-system-x86_64 \
|
||||
-m "$vm_memory" \
|
||||
-enable-kvm \
|
||||
-monitor pty -vnc 127.0.0.1:0 \
|
||||
-device e1000,netdev=user.0 \
|
||||
-netdev user,\
|
||||
id=user.0,hostfwd=tcp::"$host_port"-:"$guest_port",\
|
||||
hostfwd=tcp::"$ssh_host_port"-:"$ssh_guest_port" \
|
||||
-virtfs local,path="$shared_data_path",\
|
||||
security_model=none,mount_tag="$mount_tag" \
|
||||
"$vhd" &
|
||||
[...]
|
||||
-monitor pty -vnc 127.0.0.1:0
|
||||
```
|
||||
|
||||
Make sure to have the following configurations in the OpenSSH configuration
|
||||
(`/etc/ssh/ssh_config`) otherwise the next steps won't work
|
||||
(`/etc/ssh/sshd_config`) otherwise the next steps won't work
|
||||
|
||||
AllowTcpForwarding yes
|
||||
PermitOpen yes
|
||||
|
||||
In case you don't, you must also restart the SSH daemon.
|
||||
|
||||
You can now use the appropriate QVM vnc command.
|
||||
|
||||
## Client
|
||||
|
||||
Before starting the VNC client, you must create an SSH socket (tunnel).
|
||||
Download the QVM script on the client also.
|
||||
|
||||
You must now install one of the vnc clients like
|
||||
[gtk-vnc](https://wiki.gnome.org/Projects/gtk-vnc) or
|
||||
[TigerVNC](http://www.tigervnc.org).
|
||||
I've noticed that TigerVNC seems to handle window resizes better, so I decided
|
||||
to go for that one.
|
||||
|
||||
Before starting the VNC client, an SSH socket (tunnel) is created.
|
||||
|
||||
```shell
|
||||
$ ssh -N -f -L 5901:127.0.0.1:5900 server-user@server.address
|
||||
```
|
||||
|
||||
You must now install vnc clients like
|
||||
[gtk-vnc](https://wiki.gnome.org/Projects/gtk-vnc) or
|
||||
[TigerVNC](http://www.tigervnc.org).
|
||||
I've noticed that TigerVNC seems to handle window resizes better, so I decided
|
||||
to go for that.
|
||||
TigerVNC is then called on the forwarded port.
|
||||
|
||||
```shell
|
||||
$ vncviewer 127.0.0.1:1
|
||||
|
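Review bot: `PermitOpen yes` in the sshd_config lines is not a value sshd accepts; PermitOpen takes `any`, `none`, or one or more `host:port` destinations. The only tunnel this post needs is to the VNC listener that qemu binds with `-vnc 127.0.0.1:0`, so suggest `PermitOpen 127.0.0.1:5900`, which also limits forwarding to that single destination. The change from `/etc/ssh/ssh_config` to `/etc/ssh/sshd_config` is correct, since both directives are read by the daemon. Separately, `server.ssh_interface` and `server.vnc_interface` appear in the diagram and the note but are not listed under Terminology.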
@ -131,7 +109,7 @@ The next thing was to connect to the SSH daemon on the virtual machine just
|
|||
like what qvm enables you to do. I thought I could use the same method of VNC.
|
||||
|
||||
Once the SSH daemon is up and running you can connect to it with the following
|
||||
command from the intermediary server:
|
||||
command from the server:
|
||||
|
||||
```shell
|
||||
$ ssh -p 2222 vm-user@127.0.0.1
|
||||
|
@ -155,6 +133,18 @@ $ ssh -p 2223 vm-user@127.0.0.1
|
|||
|
||||
You should now see the login.
|
||||
|
||||
### A simpler way to connect through SSH
|
||||
|
||||
As I later found out, it is possible to connect to SSH, as well as any ohter
|
||||
service, by simply using the host address and the forwarded port, for example:
|
||||
|
||||
```shell
|
||||
$ ssh -p 2222 vm-user@server.address
|
||||
```
|
||||
|
||||
This happens because with this configuration the guest network is bridged with
|
||||
the host network.
|
||||
|
||||
## Final considerations
|
||||
|
||||
You can use this method also for internet browsing and lots of other stuff.
|
||||
|
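Review bot: The closing sentence of the new "A simpler way to connect through SSH" section says the guest network is bridged with the host network, but the run function shown earlier on this page uses `-netdev user` with `hostfwd=tcp::"$ssh_host_port"-:"$ssh_guest_port"`, which is user-mode networking with port forwarding, not a bridge. `ssh -p 2222 vm-user@server.address` works because the host address field in `hostfwd` is empty, so qemu listens on every interface of the server. That makes the guest's SSH daemon reachable from the network while VNC stays bound to 127.0.0.1, and the text should say so. If that exposure is not wanted, `hostfwd=tcp:127.0.0.1:"$ssh_host_port"-:"$ssh_guest_port"` keeps it local and the tunnel method above still applies. Also "ohter" should be "other".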
@ -162,5 +152,9 @@ Infact, using SSH implies that the traffic between the client and remote server
|
|||
is encrypted, but using VNC directly by default is NOT so pay
|
||||
attention.
|
||||
|
||||
Cheers!
|
||||
*Please notice that every step described here, except installations and file
|
||||
configurations have now been integrated directly in the QVM script. For this
|
||||
reason you should follow the instructions reported on the
|
||||
[readme](https://github.com/frnmst/qvm/blob/master/README.md)*
|
||||
|
||||
Cheers!
|
||||
|
|
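Review bot: The notice that the steps are now integrated in the QVM script sits at the very end of the post, after the reader has already worked through the manual procedure; suggest moving it to the top, under the front matter. It also needs a comma after "file configurations", and the readme link points at `master`, so it will follow later changes to the README rather than the version this post describes.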