On Sat, 02 Apr 2022 09:53:18 +0200 didier gaumet <didier.gau...@gmail.com> wrote:
> > > Hello, > > Disclaimer: I do not use ssh, nor remote virtual machines, so this is > far from an expert answer :-) Thanks for the suggestions! > You could be confronted to several possible problems: > - root access: you could try using an ordinary user instead I'm not sure if I understand what you're saying, but I am using an ordinary user on the client side. The VMs are running on the remote machine using qemu:///system. > - "system" problem: virt-manager/virt-viewer propose "system" and > "session" options and in this case, trying an ordinary user "session" > instead of a root "system" could be beneficial Not sure if I understand what you're saying - as above, the VMs are running on the remote machine using qemu:///system - are you suggesting that I try reconfiguring them to run as qemu:///session? According to the documentation: > You will definitely want to use qemu:///system if your VMs are acting > as servers. VM autostart on host boot only works for 'system', and the > root libvirtd instance has necessary permissions to use proper > networkings via bridges or virtual networks. qemu:///system is > generally what tools like virt-manager default to. > > qemu:///session has a serious drawback: since the libvirtd instance > does not have sufficient privileges, the only out of the box network > option is qemu's usermode networking, which has nonobvious limitations, > so its usage is discouraged. More info on qemu networking options: > http://people.gnome.org/~markmc/qemu-networking.html https://wiki.libvirt.org/page/FAQ#What_is_the_difference_between_qemu:.2F.2F.2Fsystem_and_qemu:.2F.2F.2Fsession.3F_Which_one_should_I_use.3F > - ssh tunnel or not (virt-manager/virt-viewer have different options > for that) I don't understand this point. > - double authentication: "When using a SSH tunnel to connect to a SPICE > console, it's recommended to have ssh-agent running to avoid getting > multiple authentication prompts." Thanks - this might be the solution. I'll have to look into this further. > (take a look at virtsh, virt-manager, virt-viewer manpages) -- Celejar
