[Lxc-users] Remote access to containers without network connectivity

Andrei Melnikov andy.melnikov at gmail.com
Wed Mar 13 09:41:46 UTC 2013


I have a host with LXC guests.

What I want to achieve:
1. Administration of guests without a need to have network in guests
2. Fully isolated sessions - think of 2 devs connecting to the same
container.
3. Delegate logon security to host - ideally passwordless root login to
guests as access is already secured by host.

I want to combine advantages of ssh to guest and lxc-console from host.

ssh to guest has disadvantage of requiring network access in guest and per
guest ssh key management.

ssh to host and then lxc-console to guest has disadvantage of logging into
previous session.

Is it possible?

I imagine something like this (feel fee to replace with a simpler way):

1. Setup a telnet server in guest that listens on a unix socket
2. Share the socket between guest and host
3. Set permissions on the host socket so members of lxcadm group can use it.
4. Login using ssh to host as a member of lxcadm group
5. Telnet to the socket
6. PROFIT!!!

-- 
Andrei
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130313/c8853a47/attachment.html>


More information about the lxc-users mailing list