Hello, I have some questions about libvirt remote connection. Am I right that internally libvirt uses only tcp ( ssh and tls are only encryption based on this) + ftp ( when working with image itself)? Also I have found that it uses RPC. However, as I know RPC runs above tcp but I cannot capture these packets with wireshark when I am connecting remotely to the host with vm? Is it somehow possible to find out, what data, what messages, in what format are send from my server to the remote libvirt (daemon I suppose?)?
On Fri, Apr 21, 2017 at 10:16:47AM +0300, Anastasiya Ruzhanskaya wrote:> Hello, > I have some questions about libvirt remote connection. > Am I right that internally libvirt uses only tcp ( ssh and tls are only > encryption based on this) + ftp ( when working with image itself)? Also I > have found that it uses RPC. However, as I know RPC runs above tcp but I > cannot capture these packets with wireshark when I am connecting remotely > to the host with vm? Is it somehow possible to find out, what data, what > messages, in what format are send from my server to the remote libvirt > (daemon I suppose?)?Libvirt uses a custom RPC protocol running above a number of different transports (TCP with SASL, TCP with TLS, SSH tunnel, etc, etc). Libvirt ships a wireshark plugin that can be used to analyse the network stream but you would have to turn off all authentication and use plain TCP to be able to see it otherwise it'll be encrypted and wireshark won;t see anything Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
Anastasiya Ruzhanskaya
2017-Apr-21 09:14 UTC
Re: [libvirt-users] libvirt remote connection
It seems, that I have turned off all encryption for tcp in libvirt.conf, but still rpc packets are not showed, only tcp. I suppose, that I don't need to add additional plugins to wirehark for libvirt and rpc, am I right? 2017-04-21 11:23 GMT+03:00 Daniel P. Berrange <berrange@redhat.com>:> On Fri, Apr 21, 2017 at 10:16:47AM +0300, Anastasiya Ruzhanskaya wrote: > > Hello, > > I have some questions about libvirt remote connection. > > Am I right that internally libvirt uses only tcp ( ssh and tls are only > > encryption based on this) + ftp ( when working with image itself)? Also I > > have found that it uses RPC. However, as I know RPC runs above tcp but I > > cannot capture these packets with wireshark when I am connecting remotely > > to the host with vm? Is it somehow possible to find out, what data, what > > messages, in what format are send from my server to the remote libvirt > > (daemon I suppose?)? > > Libvirt uses a custom RPC protocol running above a number of different > transports (TCP with SASL, TCP with TLS, SSH tunnel, etc, etc). Libvirt > ships a wireshark plugin that can be used to analyse the network stream > but you would have to turn off all authentication and use plain TCP > to be able to see it otherwise it'll be encrypted and wireshark won;t > see anything > > > Regards, > Daniel > -- > |: https://berrange.com -o- https://www.flickr.com/photos/ > dberrange :| > |: https://libvirt.org -o- > https://fstop138.berrange.com :| > |: https://entangle-photo.org -o- https://www.instagram.com/ > dberrange :| >