Configure Remote Access to Sandbox Components Using SSH, RDP, Telnet, VNC (QualiX)
This section explains how to enable end-users to create "full access" connections to their devices and VMs from resources, services and Apps in CloudShell sandboxes. To achieve this, you need to associate the QualiX machine with the remote access terminals you want to make available in CloudShell Portal. Note that Apache Guacamole uses two services, which are activated by default when installing QualiX Server - qualix-tomcat and qualix-guacd.
- To set up connections to vCenter App VMs using vCenter Console protocol, see Configure VM Web Console Access to vCenter App VMs (QualiX).
- In order to connect to a device or VM from CloudShell Portal, the resource of the element must include the User and Password attributes. To connect using a service, the service must include an Address. For details about adding such attributes, see Prepare and Reserve Blueprint.
- This article explains how to set up remote access connections to vCenter App VMs using QualiX' vCenter Console Proxy service and requires the Configure Remote Access to Sandbox Components Using SSH, RDP, Telnet, VNC (QualiX) listed below. For other VMs or resources, see Configure Remote Access to Sandbox Components Using SSH, RDP, Telnet, VNC (QualiX).
To enable remote connection from CloudShell Portal:
-
In Quali server, open the following file in a text editor:
C:\ProgramData\QualiSystems\Settings\Global\ServerUniversalSettings.xml
-
Under the
<ConfigurationSection name="LinkApplications">
tag, replace the lines of the relevant remote access terminals (Telnet, SSH, RDP, VNC) with the lines in this code sample:<key name="Telnet" pattern="http://<CloudShell Portal Host>:<CloudShell Portal Port>/Qx/connect?qualix=<VM IP>&qualixType=https&telnet{qid}&qtoken={qtoken}&hostname={Address}&protocol=telnet&port=23&username={User}&password={Password}" icon-key="Telnet" />
<key name="SSH" pattern="http://<CloudShell Portal Host>:<CloudShell Portal Port>/Qx/connect?qualix=<VM IP>&qualixType=https&ssh{qid}&qtoken={qtoken}&hostname={Address}&protocol=ssh&port=22&username={User}&password=secure" icon-key="SSH" />
<key name="RDP" pattern="http://<CloudShell Portal Host>:<CloudShell Portal Port>/Qx/connect?qualix=<VM IP>&qualixType=https&rdp{qid}&qtoken={qtoken}&hostname={Address}&protocol=rdp&port=3389&username={User}&password={Password}&security=any&ignore-cert=true" icon-key="RDP" />
<key name="VNC" pattern="http://<CloudShell Portal Host>:<CloudShell Portal Port>/Qx/connect?qualix=<VM IP>&qualixType=https&vnc{qid}&qtoken={qtoken}&hostname={Address}&protocol=vnc&port=5900&username={User}&password={Password}" icon-key="VNC" />
Note: The
qtoken
&qid
keys are automatically filled out by the server and are related to CloudShell security enhancements. You do not need to configure anything related to these keys. -
Replace
<CloudShell Portal Host>
with the CloudShell Portal hostname or DNS name, and<CloudShell Portal Port>
with the CloudShell Portal port.Note: For remote connections to devices from CloudShell, the Portal server value (for example, Portal's IP) specified here must be the same one used to log into CloudShell. Using a different value, like the hostname, will prompt the sandbox end user to log into CloudShell again to access the device.
-
Replace
<VM IP>
with the IP of the QualiX Server or Docker swarm host machine (if deploying QualiX over Docker).To find the IP of the VM, at the system prompt, run the
ifconfig
command. If you are using vSphere, VMware Tools also provides the machine's IP address (located in the vSphere Summary tab). -
For SSH connections: To enable file transfer to and from SSH terminals, add the
enable-sftp=true
property to the SSH line. For example:<key name="SSH" pattern="http://localhost:80/Qx/connect?qualix=192.168.1.17&enable-sftp=true&qualixType=https&ssh{qid}&qtoken={qtoken}&hostname={Address}&protocol=ssh&port=22&username={User}&password=secure" icon-key="SSH" />
- Save the file.
- Restart the Quali Server service to apply the changes.