You are not logged in.
- Topics: Active | Unanswered
#1 2015-08-09 03:52:28
- jamespharvey20
- Member
- Registered: 2015-06-09
- Posts: 129
Remote VM openssh/openbsd-netcat/polkit/libvirt asks for 7 passwords
When I connect to a remote QEMU/KVM in virt-manager, it asks me for my user password. I enter it, and it accepts it.
I open a running virtual machine's remote console, it first shows "Connecting to graphical console for guest". And, asks me for my password again.
Then, the VM's console area goes black, and it asks me for my password again. (But it won't let me type for about 10 seconds.)
Then it asks me for my password again.
And again.
Then it shows the VM's console with correct content. And, asks me for my password again.
Then it asks me for my password again.
Then, I can use the VM.
(No, there's no editing mistake here. I have to type my password 7 times.)
virt-manager source build from git. v1.2.1.r4564.466bf92-1 (master, at least as of a short while ago). This happened identically on v1.2.1-release.
libvirt 1.2.18 (-1 Arch)
openbsd-netcat 1.105_7 (-7 Arch)
polkit 0.112 (-4 Arch)
openssh 6.9p1 (-2 Arch)
Yeah, both of these are Arch systems using kernel 4.1.4 (-1 Arch)
Don't know how to figure out which package this relates to.
Steps to Reproduce:
1. Install. pacman -S libvirt qemu openbsd-netcat, and sudo udevadm trigger /dev/kvm (not needed if running the new qemu testing version)
2. Polkit authentication. gpasswd -a <username> kvm. re-log. /etc/polkit-1/rules.d/49-org.libvirt.unix.manager.rules:
polkit.addRule(function(action, subject) {
if (action.id == "org.libvirt.unix.manage" &&
subject.isInGroup("kvm")) {
return polkit.Result.YES;
}
});
3. virt-manager to connect to remote hypervisor (QEMU/KVM) via ssh, my username - not root.
EDIT: Upstream https://bugzilla.redhat.com/show_bug.cgi?id=1248238 says it's because spice uses a separate network connection for each device-type channel. So ssh keys are the best way around this, as alphaniner said.
Last edited by jamespharvey20 (2015-08-11 04:20:48)
Offline
#2 2015-08-09 06:28:32
- alphaniner
- Member
- From: Ancapistan
- Registered: 2010-07-12
- Posts: 2,810
Re: Remote VM openssh/openbsd-netcat/polkit/libvirt asks for 7 passwords
I also use virt-manager to connect to a remote qemu via ssh, but have never been prompted to enter a password. The lack of an initial connection prompt is due to use of keys, but for the rest I have no idea. However, everything on the remote side is custom built for a headless server, and also out of date (1-2 months).
Last edited by alphaniner (2015-08-09 06:29:56)
But whether the Constitution really be one thing, or another, this much is certain - that it has either authorized such a government as we have had, or has been powerless to prevent it. In either case, it is unfit to exist.
-Lysander Spooner
Offline