ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Beginner's Guide to KVM Administration

    IT Discussion
    kvm kvm-vdi fedora how to
    4
    10
    2.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DustinB3403D
      DustinB3403
      last edited by DustinB3403

      Ok this guide is to help anyone else who was in the same boat as I was in while setting up a lab. I had KVM setup and running on my server (using Fedora), and I had access to the server using my Fedora Workstation and Virt-Manager.

      Trouble was I was constantly being asked for the password (non-root) to login to the server or access the console of the VM's I was wanting to manage.

      The following assumptions are made:

      • You have a user account outside of root on both your Server and Workstation
      • You are using Fedora Server and Fedora Workstation
      • You are using a user who is not root, but has administrative access.
      • You have Virt-Manager installed on your Fedora Workstation
      • You have confirmed you can connect to your KVM server using Virt-Manager (and repeated passwords eventually get you logged in)

      So with thanks to @JaredBusch for helping sort me out here is what you'll need to do.

      From your workstation:
      sudo hostnamectl set-hostname FEDORA-WORKSTATION-NAME

      Obviously name your management station whatever you want. Naming your systems is what you have to do in any case (I just happened to do it here), and it makes life easier below to know where you're connected to. As this wasn't one of the assumptions I made above, now is your time to do this.

      sudo gpasswd -a USERNAME libvirt
      The above command adds your user account to the libvirt group, while retaining the permissions they already have.

      ssh-keygen -t rsa
      The above generates the rsa keys required to connect without a password.

      ssh-copy-id -i /home/USERNAME/.ssh/id_rsa.pub USERNAME@SERVER-IP-ADDRESS
      The above will copy your public rsa key from your workstation to your server, this is how you avoid being asked for your user password repeatedly.

      At this point you should be able to ssh into your KVM server by simply typing

      ssh USERNAME@SERVER-IP-ADDRESS
      Above you are connecting to your server via SSH, and shouldn't be prompted for a password. If you are asked for a password something is wrong.

      sudo gpasswd -a USERNAME libvirt
      The above command adds your user to the libvirt group, while retaining the permissions they already have.

      sudo hostnamectl set-hostname SERVER-HOSTNAME
      Again name your server whatever you want.

      exit

      Now back on your Workstation launch Virt-Manager.

      Initially virt-manage likely has a "local" connection named "QEMU/KVM". If your hardware supports virtualization, just delete this connection. It's your desktop or laptop or VM, trying to act as an Hypervisor.

      The local connection is not at all required.

      • Click File
      • New Connection
      • QEMU/KVM
      • Check "Connect to remote host"
      • Method: SSH
      • Username, enter your username who you added to the libvirt group on both systems.
      • Hostname - Enter in your KVM server IP address.

      Optionally you can check "Autoconnect"

      • Click Connect

      At this point you should be able to connect to your KVM server without any password entries.

      Thanks again, and have a great time setting up KVM.

      ObsolesceO FATeknollogeeF 4 Replies Last reply Reply Quote 8
      • ObsolesceO
        Obsolesce @DustinB3403
        last edited by Obsolesce

        @dustinb3403 said in Beginner's Guide to KVM Administration:

        ssh-keygen -t rsa
        The above generates the rsa keys required to connect without a password.

        You only need to do ssh-keygen in the above case (-t rsa not needed), as RSA is default, and 2048 is default.

        It's now generally recommended to use RSA 4096.

        In this case, ssh-keygen -b 4096 would be the recommended command.

        However, YMMV.
        Example: you may be renewing your 2048 keys frequently enough in which, at least in present-day, it doesn't matter.

        1 Reply Last reply Reply Quote 0
        • ObsolesceO
          Obsolesce @DustinB3403
          last edited by Obsolesce

          @dustinb3403 said in Beginner's Guide to KVM Administration:

          From your workstation:
          sudo hostnamectl set-hostname FEDORA-WORKSTATION-NAME

          @dustinb3403 said in Beginner's Guide to KVM Administration:

          sudo hostnamectl set-hostname SERVER-HOSTNAME
          Again name your server whatever you want.

          Just a friendly note here, to prevent any confusion:

          If you set a hostname for your workstation and server during the OS installation process, you don't need to worry about these steps.

          1 Reply Last reply Reply Quote 0
          • FATeknollogeeF
            FATeknollogee @DustinB3403
            last edited by

            @dustinb3403 said in Beginner's Guide to KVM Administration:

            Now back on your Workstation launch Virt-Manager.

            Initially virt-manage likely has a "local" connection named "QEMU/KVM". If your hardware supports virtualization, just delete this connection. It's your desktop or laptop or VM, trying to act as an Hypervisor.

            The local connection is not at all required.

            For me, I don't & will not delete this "local" connection.

            I use this a lot, for my "permanent" Win 10 desktop (aka vm) and to make/test quickie, throw away vm's. Comes in real handy!!

            ObsolesceO 1 Reply Last reply Reply Quote 0
            • ObsolesceO
              Obsolesce @FATeknollogee
              last edited by

              @fateknollogee said in Beginner's Guide to KVM Administration:

              @dustinb3403 said in Beginner's Guide to KVM Administration:

              Now back on your Workstation launch Virt-Manager.

              Initially virt-manage likely has a "local" connection named "QEMU/KVM". If your hardware supports virtualization, just delete this connection. It's your desktop or laptop or VM, trying to act as an Hypervisor.

              The local connection is not at all required.

              For me, I don't & will not delete this "local" connection.

              I use this a lot, for my "permanent" Win 10 desktop (aka vm) and to make/test quickie, throw away vm's. Comes in real handy!!

              Same. On my laptop anyways, hosts my permanent Win10 VM.

              1 Reply Last reply Reply Quote 0
              • FATeknollogeeF
                FATeknollogee
                last edited by

                I can see deleting this connection if one's machine doesnt have enough resources to run vm's.

                For me, that is not the case, I've got plenty of horsepower...
                0_1513134488493_Screenshot from 2017-12-12 19-07-53.png

                ObsolesceO 1 Reply Last reply Reply Quote 0
                • ObsolesceO
                  Obsolesce @FATeknollogee
                  last edited by

                  @fateknollogee said in Beginner's Guide to KVM Administration:

                  I can see deleting this connection if one's machine doesnt have enough resources to run vm's.

                  For me, that is not the case, I've got plenty of horsepower...
                  0_1513134488493_Screenshot from 2017-12-12 19-07-53.png

                  No need to delete it. Just don't create VMs locally if you don't want to.

                  1 Reply Last reply Reply Quote 1
                  • FATeknollogeeF
                    FATeknollogee @DustinB3403
                    last edited by

                    @dustinb3403 said in Beginner's Guide to KVM Administration:

                    ssh-keygen -t rsa
                    The above generates the rsa keys required to connect without a password.

                    I'm using ecdsa (instead of rsa) per this info: Choosing an Algorithm & Key Size
                    ssh-keygen -t ecdsa -b 521

                    ObsolesceO 1 Reply Last reply Reply Quote 0
                    • ObsolesceO
                      Obsolesce @FATeknollogee
                      last edited by

                      @fateknollogee said in Beginner's Guide to KVM Administration:

                      @dustinb3403 said in Beginner's Guide to KVM Administration:

                      ssh-keygen -t rsa
                      The above generates the rsa keys required to connect without a password.

                      I'm using ecdsa (instead of rsa) per this info: Choosing an Algorithm & Key Size
                      ssh-keygen -t ecdsa -b 521

                      Nice. That's the equivalent to 15,360 bit RSA!

                      I want to see if e everything I use including GitLab can support that.

                      JaredBuschJ 1 Reply Last reply Reply Quote 0
                      • JaredBuschJ
                        JaredBusch @Obsolesce
                        last edited by

                        @tim_g said in Beginner's Guide to KVM Administration:

                        @fateknollogee said in Beginner's Guide to KVM Administration:

                        @dustinb3403 said in Beginner's Guide to KVM Administration:

                        ssh-keygen -t rsa
                        The above generates the rsa keys required to connect without a password.

                        I'm using ecdsa (instead of rsa) per this info: Choosing an Algorithm & Key Size
                        ssh-keygen -t ecdsa -b 521

                        Nice. That's the equivalent to 15,360 bit RSA!

                        I want to see if e everything I use including GitLab can support that.

                        From my reading, it should.

                        1 Reply Last reply Reply Quote 0
                        • 1 / 1
                        • First post
                          Last post