action #31417
closedAdd support for SSH from Host to VM
0%
Description
The VMs that OpenQA launches have an internal IP that is not reachable from the Host. Therefore, there is no way to SSH into them, only VNC is available.
The problem of VNC is that it limits the user comfort when debugging. SSH allows much better experience as you can use your own console and use SCP, bidireccional copy/paste, mouse scrolling, etc.
However, it is possible to SSH from the VM to the Host, therefore Reverse SSH can be used, but it is just a workaround. Having ssh supported directly from the Host would be more convenient.
I think this could be achieved by changing the qemu command line to launch the VM adding a parameter -net user,hostfwd=tcp::7777-:8001
Not sure if this is the right place, but it could help to look at this line: https://github.com/os-autoinst/os-autoinst/blob/master/backend/qemu.pm#L581
Updated by coolo about 6 years ago
You should read the articles you're copying from at least until the end - the actual syntax is in https://unix.stackexchange.com/a/196074
But SLE and openSUSE block ssh in the firewall, so I'm not even sure it's worth it.
Updated by jlausuch about 6 years ago
I am currently doing reverse SSH to access the VM. So, I need to VNC to the VM and run the ssh command to connect to the Host. Then, from the Host I can connect to the VM. The ticket aims at trying to speed this up and make it automatic somehow. Feel free to close this ticket if it doesn't make sense.
Updated by okurz almost 6 years ago
- Target version changed from future to future
Updated by okurz over 4 years ago
Do I understand correctly that under the assumption that the SUT provides ssh access (sshd running, firewall allowing tcp/22 access) the worker host should forward the ssh connection so that next to VNC one could connect to the SSH server of the SUT without additional hops, e.g. not needing to ssh into the worker host and ssh into SUT, right?
Updated by okurz about 4 years ago
- Related to action #55187: Replace live viewer with noVNC added
Updated by jlausuch almost 4 years ago
Feel free to close this since it's been around for too long. I keep doing reverse tunnel and I'm fine with it.
Updated by okurz almost 4 years ago
- Status changed from New to Rejected
- Assignee set to okurz
Assuming we answer #31417#note-6 with "yes" I do see the use case for this feature request so I have included the ticket's idea now in #65271
Updated by jlausuch almost 4 years ago
Ok. better to keep it in a list of ideas in a single ticket, otherwise this ticket will keep open for years which doesn't make sense :)