How to ssh to a VM from WS/Fusion using vsock
search cancel

How to ssh to a VM from WS/Fusion using vsock

book

Article ID: 315625

calendar_today

Updated On:

Products

VMware Desktop Hypervisor

Issue/Introduction

This article is to provide information about how to ssh to a VM from WS/Fusion using vsock

Resolution

Note: For Fusion, this needs version 13 or later. It needs socat on MacOS, which can be installed with homebrew . Netcat can also be used.


1.  VM Setup
  1. Create a Linux Virtual Machine
  2. Power on the VM
  3. Open terminal
  4. If it is photon VM
  5. create a systemd socket file by running the below command in terminal 
/etc/systemd/system/sshd.socket :
  1. Once done, copy paste the below commands in terminal and save

[Unit]
Conflicts=sshd.service

[Socket]
ListenStream=22
Accept=yes

[Socket]
ListenStream=vsock::22
Accept=yes

[Install]
WantedBy=sockets.target
  1. Next, run the below command
       sudo systemctl daemon-reload
  1. Restart by running the command ,sudo systemctl restart sshd.socket

Similarly, this works on Ubuntu  but the file name needs to be ssh.socket (not sshd.socket):

[Unit]
Description=OpenBSD Secure Shell server socket
Before=ssh.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

[Socket]
ListenStream=vsock::22
Accept=yes

[Install]
WantedBy=sockets.target

sshd does DNS lookups (even with UseDNS=no). To speed up the initial login, work around this by adding the looked up domain UNKNOWN.localdomain to /etc/hosts:

127.0.0.1 UNKNOWN.localdomain

Notesystemd understands vsock in socket files.
Photon uses sshd.socket with systemd for network connections, so we can add the vsock to it.
Ubuntu does not use sshd.socket, but runs sshd permanently via ssh.service. But we can add a socket file.

2. Set up the host

2.1. VMware Fusion (MacOS)
  1. Edit the vmx file and add these settings for vsockproxy: For more information see Editing the .vmx file for your VMware Fusion virtual machine
     vsockProxy.enabled = "TRUE"
     vsockProxy2.sock = "ssh.sock"
     vsockProxy2.port = "22"
  1. Add these settings (but a different id). The id should be automatically generated :
     vmci0.present = "TRUE"
     vmci0.unrestricted = "false"
     vmci0.id = "577891222"
  1. Restart the VM.

2.2. VMware Workstation (Linux)
Linux supports vsock natively, so vsockproxy is not needed. Ensure vmci is enabled for the VM by adding the below entries in vmx:
 

To edit the .vmx file:

  1. Shut down the virtual machine.
  2. Locate the virtual machine's files. For more information, see Locating a hosted virtual machine's files (1003880).
  3. Open the virtual machine's configuration file (.vmx) in a text editor
Note: VMware recommends copying the virtual machine's folder to a safe location to backup the virtual machine
  1. Add the  below entries
     vmci0.present = "TRUE"
     vmci0.unrestricted = "false"
     vmci0.id = "1456032017"

Note: To use socat, the version should be 1.7.4.1 or later to support vsock. Ubuntu 20.04 still has an older version, but the latest can be installed from http://mirrors.kernel.org/ubuntu/pool/main/s/socat/socat_1.7.4.1-3ubuntu1_amd64.deb

3. SSH Command

3.1. From MacOS

The name of the host will be used as the id for the host key.

1. Open terminal on Mac
2. Run the below command

ssh -o 'ProxyCommand socat - "UNIX-CLIENT:/Users/username/Virtual Machines.localized/photon-vm.vmwarevm/ssh.sock"' user@photon-vm

You can also edit the file from ~/.ssh/config so you don't need the long command line:

Host photon-vm

    ProxyCommand socat - "UNIX-CLIENT:/Users/username/Virtual Machines.localized/photon-vm.vmwarevm/ssh.sock"

Once done please run below command
ssh user@photon-vm

3.2. From Linux
To run the below command 
  1. Open terminal 
  2. Run the below command
ssh -o ProxyCommand="socat - VSOCK-CONNECT:1456032017:22" user@photon-ova_uefi-4.0

It's possible to connect back from the VM to the host if it's LInux, using the CID 2:

ssh -o ProxyCommand="socat - VSOCK-CONNECT:2:22" user@hosted

Powered by Wolken Software