On a Thursday in 2024, Michal Privoznik wrote:
This allows users to SSH into a domain with a VSOCK device:
ssh user@qemu/machineName
So far, only QEMU domains are supported AND qemu:///system is
searched first for 'machineName', followed by
qemu:///session. I took inspiration from SystemD's ssh proxy
s/SystemD/systemd/
See the "Spelling" section of
https://www.freedesktop.org/wiki/Software/systemd/
[1] [2].
To just work out of the box, it requires (yet unreleased) systemd
to be running inside the guest to set up a socket activated SSHD
on the VSOCK. Alternatively, users can set up the socket
activation themselves, or just run a socat that'll forward vsock
<-> TCP communication.
1: https://github.com/systemd/systemd/blob/main/src/ssh-generator/ssh-proxy.c
2: https://github.com/systemd/systemd/blob/main/src/ssh-generator/20-systemd...
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/579
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
libvirt.spec.in | 33 +++
meson.build | 16 +-
meson_options.txt | 2 +
po/POTFILES | 1 +
tools/meson.build | 2 +
tools/ssh-proxy/30-libvirt-ssh-proxy.conf.in | 6 +
tools/ssh-proxy/meson.build | 25 ++
tools/ssh-proxy/ssh-proxy.c | 296 +++++++++++++++++++
8 files changed, 380 insertions(+), 1 deletion(-)
create mode 100644 tools/ssh-proxy/30-libvirt-ssh-proxy.conf.in
create mode 100644 tools/ssh-proxy/meson.build
create mode 100644 tools/ssh-proxy/ssh-proxy.c
diff --git a/tools/ssh-proxy/ssh-proxy.c b/tools/ssh-proxy/ssh-proxy.c
new file mode 100644
index 0000000000..f04160ccad
--- /dev/null
+++ b/tools/ssh-proxy/ssh-proxy.c
+static int
+parseArgs(int argc,
+ char *argv[],
+ const char **uriRet,
+ const char **domname,
+ unsigned int *port)
+{
+ const char *uri = NULL;
+
+ /* Accepted URIs are:
+ *
+ * qemu/virtulMachine
s/virtul/virtual/
+ * qemu:system/virtualMachine
+ * qemu:session/virtualMachine
+ *
+ * The last two result in system or session connection URIs passed to
+ * virConnectOpen(), the first one tries to find the machine under system
+ * connection first, followed by session connection.
+ */
+ if (argc != 3 ||
+ !(uri = STRSKIP(argv[1], HOSTNAME_PREFIX))) {
+ ERROR(_("Bad usage"));
+ printUsage(argv[0]);
+ return -1;
+ }
+
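Review bot: In parseArgs(), the combined test "argc != 3 || !(uri = STRSKIP(argv[1], HOSTNAME_PREFIX))" reports a wrong argument count and a hostname that lacks HOSTNAME_PREFIX with the same "Bad usage" message, so a user who typed an unsupported host form gets no hint about which of the three documented forms was expected. Consider splitting the two checks and including the rejected argv[1] in the second error. The comment above it also calls these strings "URIs" although they are the hostname forms given to ssh, and it does not say what argv[2] is even though argc must be 3 and the function has a port out-parameter; one line documenting the second argument and how it is validated would help.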
Reviewed-by: Ján Tomko <jtomko(a)redhat.com>
Jano