Show Table of Contents
18.5. Enhancing Remote Management of Virtual Machines with NSS
In Red Hat Enterprise Linux 7.3 and later, you can use the libvirt Network Security Services (NSS) module to make it easier to connect to guests with SSH, TLS, SSL, as well as other remote login services. In addition, the module also benefits utilities that use host name translation, such as
ping.
To be able to use this functionality, install the libvirt-nss package:
# yum install libvirt-nssNote
If installing libvirt-nss fails, make sure that the
Optional repository for Red Hat Enterprise Linux is enabled. For instructions, see the System Administrator's Guide.
Finally, enable the module by adding
libvirt to the hosts line of the /etc/nsswitch.conf file, for example as follows:
passwd: compat shadow: compat group: compat hosts: files libvirt dns ...
The order in which modules are listed on the
hosts line determines the order in which these modules are consulted to find the specified remote guest. As a result, libvirt's NSS module is added to modules that translate host domain names to IP addresses. This for example enables connecting to a remote guest in NAT mode without setting a static IP address and only using the guest's hostname value:
# ssh root@guest-hostname
root@guest-hostname's password:
Last login: Thu Aug 10 09:12:31 2017 from 192.168.122.1
[root@guest1-rhel7 ~]#
Note
The guest's hostname may differ from the guest name displayed for example by
virsh list. To display or configure the hostname on the guest, use the hostnamectl commands.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.