Friday, 14 October 2011

Ssh to VirtualBox

Hello, 

If you have ever wondered how to make an SSH connection to a VirtualBox guest OS, this tutorial is for you.

As you may know, VirtualBox supports NAT (Network Address Translation) as its default networking mode. A virtual machine with NAT enabled acts much like a real computer that connects to the Internet through a router. The "router", in this case, is the VirtualBox networking engine, which maps traffic from and to the virtual machine transparently. The disadvantage of NAT mode is that, much like a private network behind a router, the virtual machine is invisible and unreachable from the outside internet; you cannot run a server this way unless you set up port forwarding (described below).

So our goal in this tutorial is to make VirtualBox forward all the packets arriving at a certain port of the host machine. For instance, any connection that arrives at a given TCP port (e.g. 2222) of the host machine will be forwarded to TCP port 22 of the guest machine.

This tutorial is divided into 2 steps:
  1. In the first step, we make sure that an SSH server is running on the guest operating system; otherwise we must install one.
  2. In the second step, we set up port forwarding in VirtualBox.

For my setup, I used Windows 7 as the host system and Linux Mint as the guest.


Let's go to the first step. We are going to make sure that an SSH server is already running on our guest operating system; otherwise we must install the package openssh-server on the guest. Installing a package on Linux Mint works the same way as on Ubuntu (or Debian), with the command: apt-get install openssh-server.

After installing the server, we are going to do some basic configuration. For that, go to the directory /etc/ssh and edit the file sshd_config (you must have root access). This file contains all the configuration of our SSH server. Go to the line that begins with 'PermitRootLogin'. 'PermitRootLogin' controls whether it is possible to connect to the server with the root user account. By default, this line is set to yes, but change it to no if you don't want this possibility.


Then, launch the server with the following command : sudo service ssh start.

The second step is to enable port forwarding on the VirtualBox machine. There are 2 ways to do that: with the GUI or with the command line. But before we get into that, we must turn off the guest machine, otherwise it won't work.

If you want to use the GUI, follow these steps:
  1. Open the VirtualBox main interface and select your guest operating system. Mine is named mint.
  2. Go to the Network tab and select Advanced -> Port Forwarding.
  3. Create a new rule by giving a name (ssh), a protocol (TCP), a host IP (if necessary), the host port (2222), the guest IP (also if necessary) and the guest port (22).
  4. Then save.

If you want to do it with the command line, VirtualBox ships with a command-line utility called VBoxManage. On Windows 7, this command is in the directory C:\Program Files\Oracle\VirtualBox. You can use Windows PowerShell as a terminal and change directory with the cd command (the path contains a space, so it must be quoted): cd "C:\Program Files\Oracle\VirtualBox"

Locate the VBoxManage.exe file and type the following command (PowerShell needs the .\ prefix to run a program from the current directory):

.\VBoxManage.exe modifyvm "VM name" --natpf1 "ssh,tcp,,2222,,22"

With the above command, all TCP traffic arriving on port 2222 on any host interface will be forwarded to port 22 in the guest. The protocol name tcp is a mandatory attribute defining which protocol should be used for forwarding (udp could also be used). The name ssh is purely descriptive and will be auto-generated if omitted. The number after --natpf denotes the network card, like in other parts of VBoxManage.
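A check to run after adding rules, as an added example that is not from the original post: it reads the Forwarding(...) lines printed by VBoxManage showvminfo --machinereadable and reports every rule with an empty host IP, that is, one listening on all host interfaces, next to the loopback-only form of the same rule. It assumes a POSIX shell (a Linux host, or Git Bash on Windows); the function names, the sample output and the "web" rule are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Rule format used by --natpf<N>: name,protocol,hostip,hostport,guestip,guestport
# An empty hostip means the host listens on every interface.

# Constructed sample of `VBoxManage showvminfo "mint" --machinereadable` output.
sample_showvminfo() {
    cat <<'EOF'
name="mint"
nic1="nat"
Forwarding(0)="ssh,tcp,,2222,,22"
Forwarding(1)="web,tcp,127.0.0.1,8080,,80"
EOF
}

# Reads showvminfo output on stdin and classifies each forwarding rule.
audit_natpf() {
    tr -d '\r' |                          # Windows output ends in CRLF
    grep '^Forwarding([0-9]*)=' |         # keep only the NAT forwarding rules
    sed -e 's/^[^=]*="//' -e 's/"$//' |   # strip the Forwarding(n)=" prefix and closing quote
    while IFS=, read -r name proto hostip hostport guestip guestport; do
        case "$hostip" in
            ""|0.0.0.0)
                echo "EXPOSED $name: $proto/$hostport on all host interfaces -> guest port $guestport"
                echo "  loopback-only form: $name,$proto,127.0.0.1,$hostport,$guestip,$guestport"
                ;;
            127.*)
                echo "LOCAL $name: $proto/$hostport on $hostip only -> guest port $guestport"
                ;;
            *)
                echo "BOUND $name: $proto/$hostport on $hostip -> guest port $guestport"
                ;;
        esac
    done
}

# Demo on the constructed sample; on a real host, pipe in the VBoxManage output instead.
sample_showvminfo | audit_natpf
```

If the guest only needs to be reached from the host itself, remove the exposed rule with --natpf1 delete "ssh" and add it again using the loopback-only form printed by the script.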


Now you can relaunch your guest operating system and make sure that the SSH service is running. For instance, you can execute the command: ps aux | grep sshd.


If your host is a Linux machine, you can execute the following commands to connect to the guest OS:

ssh -l user -p 2222 localhost

or

ssh -l user -p 2222 aa.bb.cc.dd

aa.bb.cc.dd is the host IP address, and user stands for your login name on the guest (the -l option requires one).


Since I am using Windows, I had to download PuTTY and PuTTYgen and do some configuration. First, you must generate a key pair (private/public) with PuTTYgen. Launch PuTTYgen and then click the Generate button. You can also add a passphrase (not required) if you want. Copy and paste the generated key into a text file and save it as client_id_dsa.pub (the filename doesn't matter, but its extension must be .pub).


Launch PuTTY, go to the SSH category and then to the Auth category, and upload your key (client_id_dsa.pub).


Then go to the Session section and enter 127.0.0.1 as the hostname (or IP) and 2222 as the port. Then open the connection.


Tadaaa !!!


You can follow the same process to install other services like a web/FTP/POP/IMAP server, or an SCM (source code management, like SVN, git or bazaar), etc.


Thanks for reading and don't forget to leave some comments!!