Re: [PATCH v3 2/3] docs: Document SSH proxy

Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt; --- docs/docs.rst | 3 ++ docs/meson.build | 1 + docs/nss.rst | 7 ++++ docs/ssh-proxy.rst | 85 ++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 96 insertions(+) create mode 100644 docs/ssh-proxy.rst diff --git a/docs/ssh-proxy.rst b/docs/ssh-proxy.rst new file mode 100644 index 0000000000..014737e967 --- /dev/null +++ b/docs/ssh-proxy.rst @@ -0,0 +1,85 @@ +================= +Libvirt SSH proxy +================= + +Sometimes it's necessary to run some commands inside a guest. While libvirt +already provides a `NSS module <nss.html>`__ that can translate guest name to +IP address it has some limitations (e.g. guest has to have a network interface +plugged into a libvirt managed network). To resolve some of these limitations,

+libvirt offers a SSH proxy. It consists of a SSH client config file +(``/etc/ssh/ssh_config.d/30-libvirt-ssh-proxy.conf``) and a small binary. Both +are automatically installed by ``libvirt-ssh-proxy`` package which is dragged +in by ``libvirt-client``, ``libvirt-daemon-qemu`` and/or ``daemon-kvm`` RPM +packages. After running either of: + +:: + + ssh user@qemu:system/virtualMachine + ssh user@qemu:session/virtualMachine + +the configuration file instructs SSH client to start the binary helper which +finds a VSOCK device inside the ``virtualMachine`` and establishes a connection +to it.