How do I setup ssh from the host to the guest using qemu? I am able to use port redirection when I boot the VM without any special parameters, as follows:
/usr/bin/qemu-system-x86_64 -hda ubuntu1204 -m 512 -redir tcp:7777::8001
But when I try to boot using the following:
/usr/bin/qemu-system-x86_64 -m 1024 -name vserialtest -hda ubuntu1204 -chardev socket,host=localhost,port=7777,server,nowait,id=port1-char -device virtio-serial -device virtserialport,id=port1,chardev=port1-char,name=org.fedoraproject.port.0 -net user,hostfwd=tcp:7777::8001
I get the following error and the VM does not boot:
qemu-system-x86_64: -net user,hostfwd=tcp:7777::8001: invalid host forwarding rule 'tcp:7777::8001' qemu-system-x86_64: -net user,hostfwd=tcp:7777::8001: Device 'user' could not be initialized
Please note that I am able to boot the VM without the -net parameter
without any issues, however, I want to setup ssh from the host to the
guest. ssh from guest to host works fine as expected.
Edit
I have tried using
-net user,hostfwd=tcp::7777-:8001
as well as
-net user,hostfwd=tcp::7777:8001
but still the error persists and the VM does not boot.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
I think that the error does not come from the -net statement, but from:
-chardev socket,host=localhost,port=7777,server,nowait,id=port1-char
The statement uses already the port 7777. For the port forwarding, with
-net user,hostfwd=tcp::7777-:8001
It works fine when not setting up the virtio serial channel.
If I understand right, you want to set up a virtio serial channel to communicate from the host to the VM using a Unix Domain Socket?
In this case, the following could do the job:
/usr/bin/qemu-system-x86_64 -m 1024 -name vserialtest -hda ubuntu1204 -chardev socket,path=/tmp/port1,server,nowait,id=port1-char -device virtio-serial -device virtserialport,id=port1,chardev=port1-char,name=org.fedoraproject.port.0 -net user,hostfwd=tcp::7777-:8001
An example of how to connect from the host using ssh to the VM:
-net user,hostfwd=tcp::10022-:22 -net nic
This host-forwarding maps the localhost (host) port 10022 to the port 22 on the VM.
Once the VM was started like this, you can access it from the localhost as follows:
ssh <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="61170c14120413210d0e02000d090e1215">[email protected]</a> -p10022
The -net nic command initializes a very basic virtual network interface card.
Method 2
Add this to your qemu network config:
,hostfwd=tcp::2222-:22
e.g.
qemu -net nic -net user,hostfwd=tcp::2222-:22
The tcp:2222-::22 flag maps port 2222 of the host machine to port 22 (the default SSH port) on the virtual machine.
Then, simply SSHing to port 2222 on your localhost (the host machine) will redirect any traffic into the SSH port in the virtual machine, which should allow you to ssh as you normally would any other machine:
$ ssh -p 2222 localhost
Method 3
OpenSSH configuration tested on Buildroot 2016.05, QEMU 2.5.0, Ubuntu 16.04 host
Besides the QEMU network forwarding, you also need to setup SSH properly, which I’ll cover here.
Start with qemu_x86_64_defconfig and enable the openssh package:
make qemu_x86_64_defconfig echo 'BR2_PACKAGE_OPENSSH=y' >> .config make BR2_JLEVEL=$(nproc)
Then start QEMU with:
qemu-system-x86_64 -M pc -append root=/dev/vda -drive file=output/images/rootfs.ext2,if=virtio,format=raw -enable-kvm -kernel output/images/bzImage -m 512 -net nic,model=virtio -net user,hostfwd=tcp::2222-:22
Then on guest:
vi /etc/ssh/sshd_config
Modify the following settings:
PermitRootLogin yes PermitEmptyPasswords yes
And restart the server:
/etc/init.d/S50sshd restart
It is because this file exists that sshd starts by default, here is the source: https://github.com/buildroot/buildroot/blob/2018.02/package/openssh/S50sshd and the key startup operations are:
/usr/bin/ssh-keygen -A /usr/sbin/sshd touch /var/lock/sshd
Then from host:
ssh <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="25574a4a5165494a4644494d4a5651">[email protected]</a> -p 2222
In case of failure, first test that the networking forwarding is working with a lower level tool than sshd: e.g. nc -l as described here.
also check the server logs on guest:
less /var/log/messages
Then on the final system you should automate the creation of that log file with BR2_ROOTFS_OVERLAY or BR2_ROOTFS_POST_BUILD_SCRIPT: Customizing the generated target filesystem | buildroot.org
Related: https://stackoverflow.com/questions/23106012/how-to-access-raspberry-pi-qemu-vm-via-network
Method 4
Answers here all seem somewhat out of date or overly specific to the poster’s exact situation. In general you can enable ssh by adding this to your qemu command:
-device e1000,netdev=net0 -netdev user,id=net0,hostfwd=tcp::5555-:22
Then once it’s up and running (make sure you have openssh-server installed on guest), you can ssh in from the host with:
ssh <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="640311011710311701162a05090124080b0705080c0b1710">[email protected]</a> -p 5555
See here under “How to get SSH access to a guest” for more details
Method 5
I believe you need to use hostfwd=tcp::7777-:8001 or hostfwd=tcp::7777:8001
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0