Hi Doug, Thanks for your help. qemu+tcp could work now after enabling listen_tcp in /etc/libvirt/libvirtd.conf. user@x86:~$ virsh -c qemu+tcp://10.193.20.109/system list --all Id Name State ---------------------------------------------------- 2 test running For qemu+ssh, it seemed that we need build standalone netcat instead use nc in busybox. For qemu+tls, we need generate many pem files on both server and client. http://wiki.libvirt.org/page/TLSCreateServerCerts Server: /etc/pki/CA/cacert.pem /etc/pki/libvirt/servercert.pem /etc/pki/libvirt/private/serverkey.pem Client: /etc/pki/CA/cacert.pem /etc/pki/libvirt/clientcert.pem /etc/pki/libvirt/private/clientkey.pem But one question is that how does a client know the server name if without DNS service. Our scenario is a ppc board as server. Could we use IP address as the CN in template file? # cat host1_server_template.info organization = libvirt.org cn = host1 tls_www_server encryption_key signing_key Best Regards, Olivia > -----Original Message----- > From: cardoe@xxxxxxxxxx [mailto:cardoe@xxxxxxxxxx] On Behalf Of Doug > Goldstein > Sent: Friday, March 22, 2013 1:59 AM > To: Yin Olivia-R63875 > Cc: libvir-list@xxxxxxxxxx; libvirt-users@xxxxxxxxxx > Subject: Re: remote connection issue 'virsh -c > qemu+ssh:///root@localhost/system list' > > On Thu, Mar 21, 2013 at 6:23 AM, Yin Olivia-R63875 <r63875@xxxxxxxxxxxxx> > wrote: > > Hi, > > > > I'm trying remote connection with qemu hypervisor on FSL PPC board. > > > > The libvirt server is the PPC board. > > > > root@ppc:~# ifconfig eth0 10.193.20.109 root@ppc:~# libvirtd -d > > root@ppc:~# virsh -c qemu:///system define test.xml root@ppc:~# virsh > > -c qemu:///system start test root@ppc:~# virsh -c qemu:///system list > > --all > > Id Name State > > ---------------------------------------------------- > > 2 test running > > > > Connect from an X86 PC (Ubuntu 10.04) to the PPC board. > > > > user@x86:~$ virsh -c qemu+ssh://root@10.193.20.109/system list --all > > The authenticity of host '10.193.20.109 (10.193.20.109)' can't be > established. > > RSA key fingerprint is 2f:56:07:08:da:7d:ac:41:45:57:d2:12:15:19:67:e0. > > Are you sure you want to continue connecting (yes/no)? yes > > root@10.193.20.109's password: > > error: failed to connect to the hypervisor > > error: End of file while reading data: Warning: Permanently added > '10.193.20.109' (RSA) to the list of known hosts. > > nc: invalid option -- 'U' > > BusyBox v1.19.4 (2013-03-08 13:08:18 CST) multi-call binary. > > > > Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]: > > Input/output error > > > > > > > > I tried to verify the remote connection on localhost. But it also failed > as below: > > > > root@mpc8572ds:~# virsh -c qemu+ssh:///root@localhost/system list > > --all root@localhost's password: > > error: failed to connect to the hypervisor > > error: End of file while reading data: nc: invalid option -- 'U' > > BusyBox v1.19.4 (2013-03-08 13:08:18 CST) multi-call binary. > > > > Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]: > > Input/output error > > > > > > Could anyone give suggestion on this issue? > > > > > > Best Regards, > > Olivia > > > > You're using busybox's nc (netcat) implementation. It does not support UNIX > sockets which is a requirement of libvirt when using the > qemu+ssh:// scheme to connect. > > I'd suggest looking into generating some certificates and using > qemu+tls:// (the default when using qemu:// to a remote system). If > you don't care about any authentication or encryption for testing purposes > you can use qemu+tcp:// > > -- > Doug Goldstein -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list