How to authorize WebVirtMgr to connect to a remote host
Create an SSH key pair and set the SSH config options (on the system where WebVirtMgr is installed):
$ sudo su - nginx -s /bin/bash
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (path-to-id-rsa-in-nginx-home): Just hit Enter here!
$ touch ~/.ssh/config && echo -e "StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null" >> ~/.ssh/config
$ chmod 0600 ~/.ssh/config
Add the webvirtmgr user (on the qemu-kvm/libvirt host server):
$ sudo adduser webvirtmgr
$ sudo passwd webvirtmgr
Go back to the WebVirtMgr host and copy the public key to the qemu-kvm/libvirt host server:
$ sudo su - nginx -s /bin/bash
$ ssh-copy-id webvirtmgr@qemu-kvm-libvirt-host
Or if you changed the default SSH port use:
$ ssh-copy-id -p YOUR_SSH_PORT webvirtmgr@qemu-kvm-libvirt-host
Now you can test the connection by entering:
$ ssh webvirtmgr@qemu-kvm-libvirt-host
For a non-standard SSH port use:
$ ssh -p YOUR_SSH_PORT webvirtmgr@qemu-kvm-libvirt-host
You should connect without entering a password.
Set up permissions to manage libvirt (on qemu-kvm/libvirt host server):
On Ubuntu:
$ sudo adduser webvirtmgr libvirtd
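The ~/.ssh/config created in the first step sets StrictHostKeyChecking=no and UserKnownHostsFile=/dev/null, so the nginx user accepts any host key the libvirt host presents and the key-based login does not authenticate the server. The following added example (not part of the original instructions; the function names audit_ssh_config and write_pinned_config and the sample files are constructed for illustration) flags those two options in an ssh client config and writes a variant that keeps verification on:

```sh
#!/bin/sh
# Added example, not part of the original instructions.
# audit_ssh_config and write_pinned_config are hypothetical helper names.

# Print one finding per line for options that switch off host key
# verification. Returns 1 if anything was found, 0 if the file is clean.
audit_ssh_config() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
            # ssh_config accepts "Key value" and "Key=value"; keywords ignore case
            if (!match(line, /[ \t=]+/)) next
            key = tolower(substr(line, 1, RSTART - 1))
            val = substr(line, RSTART + RLENGTH)
            gsub(/"/, "", val)
            if (key == "stricthostkeychecking" && (val == "no" || val == "off")) {
                print NR ": StrictHostKeyChecking " val " accepts any host key"; bad = 1
            }
            if (key == "userknownhostsfile" && val == "/dev/null") {
                print NR ": UserKnownHostsFile /dev/null discards learned host keys"; bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Write a config that keeps verification on and stores keys in a real file.
# $1 = config path, $2 = known_hosts path. The libvirt host key still has to be
# added to $2 after its fingerprint is checked out of band (e.g. on the console).
write_pinned_config() (
    umask 077
    printf 'StrictHostKeyChecking yes\nUserKnownHostsFile %s\n' "$2" > "$1"
)

demo() {
    dir=$(mktemp -d) || return 1
    # Constructed sample: the two options appended to ~/.ssh/config above.
    printf 'StrictHostKeyChecking=no\nUserKnownHostsFile=/dev/null\n' > "$dir/weak"
    audit_ssh_config "$dir/weak" || echo "weak config: 2 findings listed above"
    write_pinned_config "$dir/pinned" "$dir/known_hosts"
    audit_ssh_config "$dir/pinned" && echo "pinned config: clean"
    rm -rf "$dir"
}
demo
```

With StrictHostKeyChecking yes, the first connection fails until the host's key is present in the known_hosts file, which is the point: the key is added deliberately instead of being trusted on sight.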
#------------------------------------------------------------------------------------------------
Create the SSH key pair in /var/www/.ssh (key file /var/www/.ssh/id_rsa):
$ sudo ssh-keygen
Enter file in which to save the key (/root/.ssh/id_rsa): /var/www/.ssh/id_rsa
Change the owner and permissions for the folder /var/www/.ssh (Ubuntu: "www-data."; Fedora, CentOS: "apache."):
$ sudo chmod -R 0600 /var/www/.ssh/config
$ sudo chown -R apache:apache /var/www/.ssh
Set up the SSH public key (on the libvirt host server)
On the remote server, create a user to manage libvirt:
$ sudo adduser webvirtmgr
Copy /var/www/.ssh/id_rsa.pub to .ssh/authorized_keys of the user webvirtmgr (on the server):
$ sudo mkdir /home/webvirtmgr/.ssh
$ sudo chmod 700 /home/webvirtmgr/.ssh
$ sudo cp /var/www/.ssh/id_rsa.pub /home/webvirtmgr/.ssh/authorized_keys
$ sudo chmod 0600 /home/webvirtmgr/.ssh/authorized_keys
$ sudo chown -R webvirtmgr:webvirtmgr /home/webvirtmgr/.ssh
Set up permissions to manage libvirt
Ubuntu:
$ sudo adduser webvirtmgr libvirtd
[Remote libvirt SSH access]
Identity=unix-user:webvirtmgr
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes