On Tue, May 07, 2024 at 01:08:00PM +0200, Michal Privoznik wrote: > This allows users to SSH into a domain with a VSOCK device: > > ssh user@qemu/machineName > > So far, only QEMU domains are supported AND qemu:///system is > looked for the first for 'machineName' followed by > qemu:///session. I took an inspiration from SystemD's ssh proxy > [1] [2].
Thinking again, I'm not too comfortable about having both system and session on the same namespace, as when there is an inevitable naming clash, it is tedious to resolve (no human likes using UUIDs). How about allowing: ssh user@qemu:system/machineName ssh user@qemu:session/machineName as unambiguous options, while leaving ssh user@qemu/machineName as the simplified "(mostly) do the right thing" option > > To just work out of the box, it requires (yet unreleased) systemd > to be running inside the guest to set up a socket activated SSHD > on the VSOCK. Alternatively, users can set up the socket > activation themselves, or just run a socat that'll forward vsock > <-> TCP communication. > > 1: https://github.com/systemd/systemd/blob/main/src/ssh-generator/ssh-proxy.c > 2: > https://github.com/systemd/systemd/blob/main/src/ssh-generator/20-systemd-ssh-proxy.conf.in > > Resolves: https://gitlab.com/libvirt/libvirt/-/issues/579 > Signed-off-by: Michal Privoznik <mpriv...@redhat.com> > --- > libvirt.spec.in | 33 +++ > meson.build | 16 +- > meson_options.txt | 2 + > po/POTFILES | 1 + > tools/meson.build | 2 + > tools/ssh-proxy/30-libvirt-ssh-proxy.conf.in | 6 + > tools/ssh-proxy/meson.build | 25 ++ > tools/ssh-proxy/ssh-proxy.c | 239 +++++++++++++++++++ > 8 files changed, 323 insertions(+), 1 deletion(-) > create mode 100644 tools/ssh-proxy/30-libvirt-ssh-proxy.conf.in > create mode 100644 tools/ssh-proxy/meson.build > create mode 100644 tools/ssh-proxy/ssh-proxy.c > With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| _______________________________________________ Devel mailing list -- devel@lists.libvirt.org To unsubscribe send an email to devel-le...@lists.libvirt.org
