9.6. Configure SSH access to a virtual machine


You can use SSH to securely access your virtual machines (VMs) from the command line. To set up your SSH configuration, use one of the following methods:

virtctl ssh command

You create an SSH key pair, add the public key to a VM, and connect to the VM by running the virtctl ssh command with the private key.

You can add public SSH keys to Red Hat Enterprise Linux (RHEL) 9 VMs at runtime or at first boot to VMs with guest operating systems that can be configured by using a cloud-init data source.

virtctl port-forward command
You add the virtctl port-foward command to your .ssh/config file and connect to the VM by using OpenSSH.
Service
You create a service, associate the service with the VM, and connect to the IP address and port exposed by the service.
Secondary network
You configure a secondary network, attach a virtual machine (VM) to the secondary network interface, and connect to the DHCP-allocated IP address.

9.6.1. Access configuration considerations

Each method for configuring access to a virtual machine (VM) has advantages and limitations, depending on the traffic load and client requirements.

참고

Services provide excellent performance and are recommended for applications that are accessed from outside the cluster.

If the internal cluster network cannot handle the traffic load, you can configure a secondary network.

virtctl ssh and virtctl port-forwarding commands
  • Simple to configure.
  • Recommended for troubleshooting VMs.
  • virtctl port-forwarding recommended for automated configuration of VMs with Ansible.
  • Dynamic public SSH keys can be used to provision VMs with Ansible.
  • Not recommended for high-traffic applications like Rsync or Remote Desktop Protocol because of the burden on the API server.
  • The API server must be able to handle the traffic load.
  • The clients must be able to access the API server.
  • The clients must have access credentials for the cluster.
Cluster IP service
  • The internal cluster network must be able to handle the traffic load.
  • The clients must be able to access an internal cluster IP address.
Node port service
  • The internal cluster network must be able to handle the traffic load.
  • The clients must be able to access at least one node.
Load balancer service
  • A load balancer must be configured.
  • Each node must be able to handle the traffic load of one or more load balancer services.
Secondary network
  • Excellent performance because traffic does not go through the internal cluster network.
  • Allows a flexible approach to network topology.
  • Guest operating system must be configured with appropriate security because the VM is exposed directly to the secondary network. If a VM is compromised, an intruder could gain access to the secondary network.
Red Hat logoGithubredditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 문서 정보

Legal Notice

Theme

© 2026 Red Hat
맨 위로 이동