Re: [PATCH v2 1/3] tools: Introduce SSH proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, May 07, 2024 at 01:08:00PM +0200, Michal Privoznik wrote:
> This allows users to SSH into a domain with a VSOCK device:
> 
>   ssh user@qemu/machineName
> 
> So far, only QEMU domains are supported AND qemu:///system is
> looked for the first for 'machineName' followed by
> qemu:///session. I took an inspiration from SystemD's ssh proxy
> [1] [2].

Thinking again, I'm not too comfortable about having
both system and session on the same namespace, as when
there is an inevitable naming clash, it is tedious to
resolve (no human likes using UUIDs).

How about allowing:

   ssh user@qemu:system/machineName
   ssh user@qemu:session/machineName

as unambiguous options, while leaving

   ssh user@qemu/machineName

as the simplified "(mostly) do the right thing" option

> 
> To just work out of the box, it requires (yet unreleased) systemd
> to be running inside the guest to set up a socket activated SSHD
> on the VSOCK. Alternatively, users can set up the socket
> activation themselves, or just run a socat that'll forward vsock
> <-> TCP communication.
> 
> 1: https://github.com/systemd/systemd/blob/main/src/ssh-generator/ssh-proxy.c
> 2: https://github.com/systemd/systemd/blob/main/src/ssh-generator/20-systemd-ssh-proxy.conf.in
> 
> Resolves: https://gitlab.com/libvirt/libvirt/-/issues/579
> Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
> ---
>  libvirt.spec.in                              |  33 +++
>  meson.build                                  |  16 +-
>  meson_options.txt                            |   2 +
>  po/POTFILES                                  |   1 +
>  tools/meson.build                            |   2 +
>  tools/ssh-proxy/30-libvirt-ssh-proxy.conf.in |   6 +
>  tools/ssh-proxy/meson.build                  |  25 ++
>  tools/ssh-proxy/ssh-proxy.c                  | 239 +++++++++++++++++++
>  8 files changed, 323 insertions(+), 1 deletion(-)
>  create mode 100644 tools/ssh-proxy/30-libvirt-ssh-proxy.conf.in
>  create mode 100644 tools/ssh-proxy/meson.build
>  create mode 100644 tools/ssh-proxy/ssh-proxy.c
> 

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
_______________________________________________
Devel mailing list -- devel@xxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxx
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux