I use Virt-manager for virtualization on Debian. I want to connect to my guest through a remote SSH tunnel. The guest is also on the local Debian machine. Is this possible?
I have already tried this command found here:
ssh -f -L 5900:localhost:5900 USERNAME@REMOTE-PC-B-PUBLIC-IPADDRESS -N -p 22
However, I get this message:
bind: Address already in use
channel_setup_fwd_listener_tcpip: cannot listen to port: 5901
Could not request local forwarding.
So I changed the local port to this.
ssh -f -L 5920:localhost:5900 USERNAME@REMOTE-PC-B-PUBLIC-IPADDRESS -N -p 22
It seems to be working. There is no error message.
Now I use Vinagre to connect to the guest with localhost:5900. And the window is showing up.
Is the traffic still going through the SSH tunnel?
In Vinagre there is also a field for adding an SSH host. However, when I enter the domain/IP there, it prompts for the password. If I type it in, the connection gets closed every time. Any suggestions for that?
Do I have to use Spice or VNC option?
I have been Googling for two days to get this fixed.
So I am interested in how other people create an encrypted SSH tunnel between the local machine and the (local) guest machine, and how they connect to it.
Best Answer
It really depends on what the use case is. You just posted some command, but without any information about where you run it, which is quite crucial. So let me get it straight. You have a GUEST machine and a HOST machine on the same network (basically a virtual one). You can ping and ssh from one to the other. And there are two possibilities:
Run local port forwarding from the HOST machine:
Run remote port forwarding from the GUEST machine:
And then connect using your software to localhost, port 5920 (you put there 5900 as from the screenshot) and all traffic to this port should be forwarded to the GUEST port 5900.
But anyway, I don't think this is needed. If you want to establish a Host-Guest connection, you are never leaving the virtual network and there should be no need to do expensive encryption. You should be able to connect directly to GUEST-IP:5900 if the service is listening on external IP.
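
One way to check whether a viewer connection to a given local port goes through the SSH forward is to look at which process owns the listening socket. This is an added example, not part of the original question or answer; the function names are hypothetical, and the `ss -ltnp` sample is constructed, assuming the local guest's QEMU VNC display holds port 5900 and the `ssh -L` forward holds 5920.

```shell
#!/bin/sh
# Constructed sample of `ss -ltnp` output (assumption: local QEMU VNC display
# on 5900, the ssh -L forward from the question on 5920).
SAMPLE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      1          127.0.0.1:5900      0.0.0.0:*     users:(("qemu-system-x86",pid=2210,fd=31))
LISTEN 0      128        127.0.0.1:5920      0.0.0.0:*     users:(("ssh",pid=4321,fd=5))
LISTEN 0      128            [::1]:5920         [::]:*     users:(("ssh",pid=4321,fd=4))'

# listener_owner PORT: read `ss -ltnp` text on stdin and print the name of
# each process listening on PORT (one per line, de-duplicated).
listener_owner() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, a, ":")        # port is the last ":"-separated piece
            if (a[n] != port) next
            if (match($0, /users:\(\("[^"]+"/))
                name = substr($0, RSTART + 9, RLENGTH - 10)
            else
                name = "unknown"         # process column is empty without privileges
            if (!(name in seen)) { seen[name] = 1; print name }
        }'
}

# check_port PORT: classify the listener on PORT from `ss -ltnp` text on stdin.
check_port() {
    owner=$(listener_owner "$1")
    case "$owner" in
        ssh) echo "port $1: owned by ssh, connections here enter the tunnel" ;;
        "")  echo "port $1: nothing listening" ;;
        *)   echo "port $1: owned by $owner, connections here do not use the tunnel" ;;
    esac
}

# Run against the constructed sample.
printf '%s\n' "$SAMPLE" | check_port 5900
printf '%s\n' "$SAMPLE" | check_port 5920
# Live use (root is needed to see processes of other users):
#   ss -ltnp | check_port 5920
```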