Actually it's for my less then technical co-workers. ssh tunnels were the why I originally deployed it:
ssh -L 5920:localhost:5920 darkmatter_vmgr25.nsa.gov -l root Would tunnel one of the VM's then locally you would run "vncviewer localhost:5820" But then you don't need a password, also you need to connect at root or the KVM user. Just want to get remote access to my MS-Windows Servers remote console On Tue, Mar 11, 2014 at 10:59 PM, Ben Stoutenburgh <[email protected]>wrote: > Cool little script, because yay colors in output. Though on a system with > 100 guests why are you not just using virsh vncdisplay to get the VNC port > offset? > > And addressing the security of setting the VNC password.....while sure, > passwords are cool, why change the listening address to expose the > horrendously insecure VNC protocol to your network? Why not use SSH port > forwarding? Surprise hint for those that have been frustrated at realizing > you want to add port forwarding to an existing connection (if allowed), hit > enter followed by ~C you will find yourself at a "ssh>" prompt. type help > and you can add or cancel local/remote/dynamic forwarding. > > As for the Windows problem, never had that problem. If the kvm process > for the guest has a -vnc option I would have no idea what would be broken. > The KVM project hangs out in #kvm on freenode if it helps. > > > On Tue, Mar 11, 2014 at 10:33 PM, Joseph Apuzzo <[email protected]> wrote: > >> For those brave enough to run 20-100 VM's using KVM >> <http://www.linux-kvm.org/page/Main_Page> >> >> In /etc/libvirt/qemu are all your VM XML files, these define your machine >> hardware and configuration. I found that you can attach each VM's console ( >> main screen ) to a password protected VNC connection by changing: >> >> <graphics type='vnc' port='-1' autoport='yes' listen='127.0.0.1'> >> >> to >> >> <graphics type='vnc' port='-1' autoport='yes' listen='192.168.1.1' >> passwd='passw0rd' keymap='en-us'/> >> >> So you thus can VNC directly to the console as in 192.168.1.1:{port} >> Jim D. helped me craft this utility to display each VM's port: >> >> # script vm-port >> echo "VM Name => VNC port number" >> echo "==============================" >> for i in $(virsh -q list|awk '{print $2}'|sort); do >> j=$(virsh vncdisplay $i | cut -f 2 -d ':') >> port=$(expr 5900 + $j) >> echo -e "\033[01;31m$i\033[00m => $port" >> done >> >> Now this all works fine and dandy for Linux Gusts, but all my MS-Windows >> servers give the error: >> >> unable connect to socket: Connection refused (111) >> >> The weird part is you get this error remote or local when you set the IP >> back to 127.0,0.1 >> Nov Virt-Manager can display the screen no issue, Google is no help since >> it's too specific. >> Any suggestions on were to look or what IRC channels to ask in? >> >> -- >> Joe >> >> /** >> ** Joseph T Apuzzo >> ** GPFS SME (Linux, Windows, AIX), Linux LPI-c1 >> ** http://www.linkedin.com/in/japuzzo/ >> ** GPG: https://sks-keyservers.net/ use 2190E068 >> **/ >> >> _______________________________________________ >> Mid-Hudson Valley Linux Users Group http://mhvlug.org >> https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug >> >> Upcoming Meetings (6pm - 8pm) Vassar College >> Apr 2 - Nginx: High-Performance HTTP Server, Reverse Proxy, and >> IMAP/POP3 Proxy Server >> May 7 - Google App Engine >> Jun 4 - Samba: Can We All Just Get Along? >> >> > > _______________________________________________ > Mid-Hudson Valley Linux Users Group http://mhvlug.org > https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug > > Upcoming Meetings (6pm - 8pm) Vassar College > Apr 2 - Nginx: High-Performance HTTP Server, Reverse Proxy, and > IMAP/POP3 Proxy Server > May 7 - Google App Engine > Jun 4 - Samba: Can We All Just Get Along? > > -- Joe /** ** Joseph T Apuzzo ** GPFS SME (Linux, Windows, AIX), Linux LPI-c1 ** http://www.linkedin.com/in/japuzzo/ ** GPG: https://sks-keyservers.net/ use 2190E068 **/
_______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org https://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) Vassar College Apr 2 - Nginx: High-Performance HTTP Server, Reverse Proxy, and IMAP/POP3 Proxy Server May 7 - Google App Engine Jun 4 - Samba: Can We All Just Get Along?
