
I'd like to use virt-manager to manage my libvirt/kvm virtual machines running on a remote host, but the method I use to ssh into that host is a bit complicated. I need to use custom ports along with agent forwarding with multiple hops. For example, to ssh into that KVM box I use a default identity cert and do this command:

    ssh -At -p 4188 www.example.com ssh -At -p 8854 virt-host.internals.int

The dialog for virt-manager remote connections seems fairly primitive and I was wondering if there is a workaround?

Dave

1 Answer

I think you've got two problems.

1) setting up a single ssh connection that goes through the bastion host.

This is basically the same problem as "How do I do Multihop SCP transfers?" so go read that first.

2) now that you know how to deal with it on the command line more transparently, you need to set it so that it happens without the CLI options.

Set up a ~/.ssh/config file for the user that does the ssh'ing. (Almost?) anything that you can specify on the ssh command line, you can specify in the config file.

For this you would want something along the lines of:

    host www.example.com
        port 4188
        forwardagent yes
    host virt-host.internals.int
        proxycommand ssh www.example.com nc virt-host.internals.int 8854

I haven't tested this so the syntax may be off, but it should get you going in the right direction.

Note that it assumes that you can resolve the name virt-host.internals.int from the original client machine. This may not be the case (internal DNS only), in which case you will have to kludge it somehow (e.g. /etc/hosts, using the IP instead of the hostname, etc).

Dan Pritts
  • I found that the new versions of ssh have `nc` built in and so my ProxyCommand needed to be `ProxyCommand ssh -p 2188 www.example.com -W virt-hosts.internals.int:8854`. I would also add that ssh is smart enough to not try to resolve the internal hostname until after it executes the proxy command. Gotta love SSH. – Dave Apr 30 '13 at 20:44
  • It's also fortunate that virt-manager runs ssh as its current user so that these options are honored. – Dave Apr 30 '13 at 21:11
  • This just made my life a little more enjoyable. Thank you hdave and Dan Pritts! – flickerfly Nov 13 '14 at 16:38
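
An added example, not part of the original answer or comments: with a ProxyCommand the client authenticates to the inner host through the tunnel, so the hop host does not need `ForwardAgent`, and a forwarded agent is usable by anyone with root on that hop. The sketch below reports, for each proxied host in an ssh config, which hop it uses and whether that hop has agent forwarding enabled. The function names are hypothetical and the parser is an assumption-level simplification (plain `Host`/keyword lines only, no `Match`, `Include` or `key=value` syntax).

```python
import shlex
# ssh flags that take a following argument, so "-p 2188" is skipped as a pair.
OPTS_WITH_ARG = set("BbcDEeFIiJLlmOoPpQRSWw")

def parse_blocks(text):
    """Map each Host pattern to its lowercased keyword/value pairs."""
    blocks, current = {}, None
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":
            current = blocks.setdefault(value, {})
        elif current is not None:
            current.setdefault(key, value)  # first value wins, as in ssh
    return blocks

def hop_of(proxycommand):
    """Return the host an 'ssh ...' ProxyCommand logs in to, else None."""
    words = shlex.split(proxycommand)
    i = 1
    while words[:1] == ["ssh"] and i < len(words):
        w = words[i]
        if not w.startswith("-"):
            return w.split("@")[-1]  # drop an optional user@ prefix
        i += 2 if len(w) == 2 and w[1] in OPTS_WITH_ARG else 1

def audit(text):
    """List (target, hop, hop_has_forwardagent) for each proxied host."""
    blocks, out = parse_blocks(text), []
    for host, opts in blocks.items():
        hop = hop_of(opts.get("proxycommand", ""))
        if hop:
            fwd = blocks.get(hop, {}).get("forwardagent", "no").lower()
            out.append((host, hop, fwd == "yes"))
    return out

# The answer's config, then a constructed variant: -W form, no agent forwarding.
ANSWER = """host www.example.com
    port 4188
    forwardagent yes
host virt-host.internals.int
    proxycommand ssh www.example.com nc virt-host.internals.int 8854
"""
WITH_W = ANSWER.replace("    forwardagent yes\n", "").replace(
    "nc virt-host.internals.int 8854", "-W virt-host.internals.int:8854")
if __name__ == "__main__":
    print(audit(ANSWER), audit(WITH_W))
```

A `True` in the third field marks a hop where agent forwarding can be removed without breaking the proxied connection.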