2:16 a.m.
Hello,
I have some questions about libvirt remote connection.
Am I right that internally libvirt uses only tcp ( ssh and tls are only
encryption based on this) + ftp ( when working with image itself)? Also I
have found that it uses RPC. However, as I know RPC runs above tcp but I
cannot capture these packets with wireshark when I am connecting remotely
to the host with vm? Is it somehow possible to find out, what data, what
messages, in what format are send from my server to the remote libvirt
(daemon I suppose?)?
3:23 a.m.
On Fri, Apr 21, 2017 at 10:16:47AM +0300, Anastasiya Ruzhanskaya wrote:
Hello,
I have some questions about libvirt remote connection.
Am I right that internally libvirt uses only tcp ( ssh and tls are only
encryption based on this) + ftp ( when working with image itself)? Also I
have found that it uses RPC. However, as I know RPC runs above tcp but I
cannot capture these packets with wireshark when I am connecting remotely
to the host with vm? Is it somehow possible to find out, what data, what
messages, in what format are send from my server to the remote libvirt
(daemon I suppose?)?
Libvirt uses a custom RPC protocol running above a number of different
transports (TCP with SASL, TCP with TLS, SSH tunnel, etc, etc). Libvirt
ships a wireshark plugin that can be used to analyse the network stream
but you would have to turn off all authentication and use plain TCP
to be able to see it otherwise it'll be encrypted and wireshark won;t
see anything
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
4:14 a.m.
It seems, that I have turned off all encryption for tcp in libvirt.conf,
but still rpc packets are not showed, only tcp. I suppose, that I don't
need to add additional plugins to wirehark for libvirt and rpc, am I right?
2017-04-21 11:23 GMT+03:00 Daniel P. Berrange <berrange(a)redhat.com>:
On Fri, Apr 21, 2017 at 10:16:47AM +0300, Anastasiya Ruzhanskaya
wrote:
> Hello,
> I have some questions about libvirt remote connection.
> Am I right that internally libvirt uses only tcp ( ssh and tls are only
> encryption based on this) + ftp ( when working with image itself)? Also I
> have found that it uses RPC. However, as I know RPC runs above tcp but I
> cannot capture these packets with wireshark when I am connecting remotely
> to the host with vm? Is it somehow possible to find out, what data, what
> messages, in what format are send from my server to the remote libvirt
> (daemon I suppose?)?
Libvirt uses a custom RPC protocol running above a number of different
transports (TCP with SASL, TCP with TLS, SSH tunnel, etc, etc). Libvirt
ships a wireshark plugin that can be used to analyse the network stream
but you would have to turn off all authentication and use plain TCP
to be able to see it otherwise it'll be encrypted and wireshark won;t
see anything
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/
dberrange :|
|: https://libvirt.org -o-
https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/
dberrange :|
4:21 a.m.
On Fri, Apr 21, 2017 at 12:14:54PM +0300, Anastasiya Ruzhanskaya wrote:
It seems, that I have turned off all encryption for tcp in
libvirt.conf,
but still rpc packets are not showed, only tcp. I suppose, that I don't
need to add additional plugins to wirehark for libvirt and rpc, am I right?
Libvirt provides a wireshark plugin - you need to make sure you've actually
intsalled that bit though, as its a separate rpm.
2017-04-21 11:23 GMT+03:00 Daniel P. Berrange <berrange(a)redhat.com>:
> On Fri, Apr 21, 2017 at 10:16:47AM +0300, Anastasiya Ruzhanskaya wrote:
> > Hello,
> > I have some questions about libvirt remote connection.
> > Am I right that internally libvirt uses only tcp ( ssh and tls are only
> > encryption based on this) + ftp ( when working with image itself)? Also I
> > have found that it uses RPC. However, as I know RPC runs above tcp but I
> > cannot capture these packets with wireshark when I am connecting remotely
> > to the host with vm? Is it somehow possible to find out, what data, what
> > messages, in what format are send from my server to the remote libvirt
> > (daemon I suppose?)?
>
> Libvirt uses a custom RPC protocol running above a number of different
> transports (TCP with SASL, TCP with TLS, SSH tunnel, etc, etc). Libvirt
> ships a wireshark plugin that can be used to analyse the network stream
> but you would have to turn off all authentication and use plain TCP
> to be able to see it otherwise it'll be encrypted and wireshark won;t
> see anything
>
>
> Regards,
> Daniel
> --
> |: https://berrange.com -o- https://www.flickr.com/photos/
> dberrange :|
> |: https://libvirt.org -o-
> https://fstop138.berrange.com :|
> |: https://entangle-photo.org -o- https://www.instagram.com/
> dberrange :|
>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
2772
days inactive
2772
days old
3 comments
2 participants
participants (2)
-
Anastasiya Ruzhanskaya -
Daniel P. Berrange