Installation guide

ManualsBrandsRed Hat ManualsComputer equipmentENTERPRISE LINUX 5 - VIRTUALIZATION GUIDE

161

162

163

164

165

166

167

168

169

170

Chapter 19. Remote management of virtualized guests

156

$ ssh-keygen -t rsa

3. Copying the keys to the remote hosts

Remote login without a password, or with a passphrase, requires an SSH key to be distributed to

the systems being managed. Use the ssh-copy-id command to copy the key to root user at the

system address provided (in the example, root@example.com).

$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@example.com

root@example.com's password:

Now try logging into the machine, with the ssh root@example.com command and check in the

.ssh/authorized_keys file to make sure unexpected keys have not been added.

Repeat for other systems, as required.

4. Optional: Add the passphrase to the ssh-agent

Add the passphrase for the SSH key to the ssh-agent, if required. On the local host, use the

following command to add the passphrase (if there was one) to enable password-less login.

# ssh-add ~/.ssh/id_rsa.pub

The SSH key was added to the remote system.

The libvirt daemon (libvirtd)

The libvirt daemon provide an interface for managing virtual machines. You must have the

libvirtd daemon installed and running on every remote host that needs managing.

$ ssh root@somehost

# chkconfig libvirtd on

# service libvirtd start

After libvirtd and SSH are configured you should be able to remotely access and manage your

virtual machines. You should also be able to access your guests with VNC at this point.

Accessing remote hosts with virt-manager

Remote hosts can be managed with the virt-manager GUI tool. SSH keys must belong to the user

executing virt-manager for password-less login to work.

1. Start virt-manager.

2. Open the File->Add Connection menu.

3. Input values for the hypervisor type, the connection, Connection->Remote tunnel over SSH, and

enter the desired hostname, then click connection.

19.2. Remote management over TLS and SSL

You can manage virtual machines using TLS and SSL. TLS and SSL provides greater scalability but

is more complicated than ssh (refer to Section 19.1, “Remote management with SSH”). TLS and SSL

is the same technology used by web browsers for secure connections. The libvirt management

connection opens a TCP port for incoming connections, which is securely encrypted and authenticated

based on x509 certificates.