Red Hat Bugzilla – Bug 872914
regression: virt-manager no longer uses ssh for vnc/spice connections
Last modified: 2013-01-14 20:13:02 EST
Description of problem:
I have virt-manager setup to connect to a remote server using qemu+ssh.
virt-manager would connect to the client GUI using the ssh connection, and I wouldn't have to forward port 5900 on the server (which I consider a security risk).
Now in versions
virt-manager always tries to connect to the client GUI using the configured port 5900, bypassing the SSH connection. Everything else about virt-manager uses the SSH connection and thus I can configure my VM's and see their status etc, but the GUI console always falls back to port 5900.
I confirmed this with wireshark.
Steps to Reproduce:
1. ensure that iptables is not forwarding the gui port (in my case 5900)
2. connect remotely with virt-manager using qemu+ssh
Can connect to libvirtd on the server over ssh, but opening the GUI tries to use port 5900
GUI session goes over ssh with everything else
An interesting thing I noticed was that virt-viewer was not affected by this regression.
eg. virt-viewer -c qemu+ssh://me@server:22/system centos6 WORKS
virt-manager -c qemu+ssh://me@server:22/system centos6 connects fine, but display does not
Created attachment 637907 [details]
Here I show the relevant portion of the user's virt-manager.log between the working version and the current version.
Dirk, please provide the guest XML of an affected VM:
sudo virsh dumpxml <vmname>
Closing as INSUFFICIENT_DATA. Dirk, if you are still affected by this bug, please reopen and provide the info requested in comment #1