Remote Spice access *without* using web manager

Seems that version does not include spice support.

The wiki states it is the minimum version for Linux.

Can you please indicate what is the minimum version or at least a version that works with Linux?

I can update the wiki if I know the answer.

Thanks.

Serge
 
Can you access your Spice enabled VMs on your Linux Mint (and virt-manager 0.5.6) by using the Proxmox VE GUI?
 
No I can not.
I get:
Screenshot from 2014-05-19 07:06:21.png
This is why I am trying to get this to troubleshoot this.

I did compile virt-viewer from source and included the spice option.

Serge
 
I want to re-produce your issue here, pls point me to the ISO download link of your Linux MINT distro.
 
Mint 15 does have an old virt-viewer package 0.5.4.

I see that you tried to compile a newer one - seems you did not succeed?

Mint 16 have virt-viewer 0.5.6 by default and just works as expected.
 
No I can not.
I get:
View attachment 2102
This is why I am trying to get this to troubleshoot this.

I did compile virt-viewer from source and included the spice option.

Serge
Compiling virt-viewer from source is not an easy task and requires a lot of knowledge. Especially on Mint 15 since you will have to compile some of the dependent libraries from source as well. Best advice is to follow Tom's advice at upgrade to Mint 16.
 
Awesome. Just what I needed.

The script works for me using Fedora thin client.


I can really work my way up easily getting a locked down full screen kiosk mode from here.

Regards,

Marc


Code:
#!/bin/bash

set -e


# needs pve-manager >= 3.1-44


usage() {
    echo "Usage: $0 [-u <string>] [-p <string>] vmid [node [proxy]]"
    echo
    echo "-u username. Default root@pam"
    echo "-p password. Default ''"
    echo
    echo "vmid: id for VM"
    echo "node: Proxmox cluster node name"
    echo "proxy: DNS or IP (use <node> as default)"
    exit 1
}


PASSWORD=""
USERNAME=""


while getopts ":u:p:" o; do
    case "${o}" in
        u)
            USERNAME=${OPTARG}
            ;;
        p)
            PASSWORD=${OPTARG}
            ;;
        *)
            usage
            ;;
    esac
done


shift $((OPTIND-1))


if [ -z $PASSWORD ]; then
    PASSWORD=""
fi
if [ -z $USERNAME ]; then
    USERNAME=root@pam
fi


DEFAULTHOST=$(hostname -f)


# select VM
[ -z $1 ] && usage
VMID=$1


#[ -z $2 ] && usage
NODE=${2:-$DEFAULTHOST}


if [ -z $3 ]; then
    PROXY=$NODE
else
    PROXY=$3
fi


NODE=${NODE%%\.*}


echo ---


DATA=$(curl -f -s -S -k -d "username=$USERNAME&password=$PASSWORD"  https://$PROXY:8006/api2/json/access/ticket)


echo "AUTH OK"


TICKET=${DATA//"/}
TICKET=${TICKET##*ticket:}
TICKET=${TICKET%%,*}


CSRF=${DATA//"/}
CSRF=${CSRF##*CSRFPreventionToken:}
CSRF=${CSRF%%,*}


curl -f -s -S -k -b "PVEAuthCookie=$TICKET" -H "CSRFPreventionToken: $CSRF" https://$PROXY:8006/api2/spiceconfig/nodes/$NODE/qemu/$VMID/spiceproxy -d "proxy=$PROXY" > /tmp/spiceproxy


remote-viewer /tmp/spiceproxy
 
Last edited:
  • Like
Reactions: obelix
This is my python 3.4 script for proxmox 3.x and 4.x
I hope it helps.

Code:
import os

def getDATA(username,password,server):
    # Get Data from Proxmox Auth API and dump into a file
    cmd = 'c:\curl -k -d "username={}&password={}"  https://{}:8006/api2/json/access/ticket > ./Data'.format(username,password,server)
    os.system(cmd)
  
    # Read dump file
    File = open("./Data","r")
    Data = File.read()

    # Get Ticket
    Start = '"ticket":"'
    End = '"'
    Ticket = (Data.split(Start))[1].split(End)[0]  

    # Get Token
    Start = '"CSRFPreventionToken":"'
    End = '"'
    Token = (Data.split(Start))[1].split(End)[0]
  
    # Get proxy DATA
    cmd = 'c:\curl -k -b "PVEAuthCookie={}" -H "CSRFPreventionToken: {}" https://{}:8006/api2/spiceconfig/nodes/{}/qemu/{}/spiceproxy -d "proxy={}" > ./spiceproxy'.format(Ticket,Token,server,node,vm,server)
    os.system(cmd)

    # Connect
    cmd = "remote-viewer -f ./spiceproxy"
    os.system(cmd)

server = "10.0.0.10"
node = "pve"
vm = "100"
username = "user@pve"
password = "123456"

getDATA(username,password,server)
 
Awesome. Just what I needed.

The script works for me using Fedora thin client.


I can really work my way up easily getting a locked down full screen kiosk mode from here.

Regards,

Marc


Code:
#!/bin/bash

set -e


# needs pve-manager >= 3.1-44


usage() {
    echo "Usage: $0 [-u <string>] [-p <string>] vmid [node [proxy]]"
    echo
    echo "-u username. Default root@pam"
    echo "-p password. Default ''"
    echo
    echo "vmid: id for VM"
    echo "node: Proxmox cluster node name"
    echo "proxy: DNS or IP (use <node> as default)"
    exit 1
}


PASSWORD=""
USERNAME=""


while getopts ":u:p:" o; do
    case "${o}" in
        u)
            USERNAME=${OPTARG}
            ;;
        p)
            PASSWORD=${OPTARG}
            ;;
        *)
            usage
            ;;
    esac
done


shift $((OPTIND-1))


if [ -z $PASSWORD ]; then
    PASSWORD=""
fi
if [ -z $USERNAME ]; then
    USERNAME=root@pam
fi


DEFAULTHOST=$(hostname -f)


# select VM
[ -z $1 ] && usage
VMID=$1


#[ -z $2 ] && usage
NODE=${2:-$DEFAULTHOST}


if [ -z $3 ]; then
    PROXY=$NODE
else
    PROXY=$3
fi


NODE=${NODE%%\.*}


echo ---


DATA=$(curl -f -s -S -k -d "username=$USERNAME&password=$PASSWORD"  https://$PROXY:8006/api2/json/access/ticket)


echo "AUTH OK"


TICKET=${DATA//"/}
TICKET=${TICKET##*ticket:}
TICKET=${TICKET%%,*}


CSRF=${DATA//"/}
CSRF=${CSRF##*CSRFPreventionToken:}
CSRF=${CSRF%%,*}


curl -f -s -S -k -b "PVEAuthCookie=$TICKET" -H "CSRFPreventionToken: $CSRF" https://$PROXY:8006/api2/spiceconfig/nodes/$NODE/qemu/$VMID/spiceproxy -d "proxy=$PROXY" > /tmp/spiceproxy


remote-viewer /tmp/spiceproxy

Hi, I tried to execute this script on linux mint, but it fails in the substitution statement:
Code:
TICKET=${DATA//"/}
the error is caused by double quote...

Any idea?
 
I had lots of difficulties with the scripts posted here. I wrote my own bash-script by using the command line JSON-parser called "jq". It's easy to read and those should be easy to debug in case it doesn't work.

Code:
#!/bin/bash

#
# SETTINGS
#
# Fill the following section with your prefered settings.
# Leaving the password field empty is much more secure. It will be prompted on the command line.
# Alternatively create a Proxmox user with limited privileges like shown in this template.
#

NODE="hostname"
VMID="100"
PROXY=""
USERNAME="spice@pve"
PASSWORD="spice"

#
# INITIALIZATION
#

if ! type "jq" > /dev/null; then
    echo 'Command line tool "jq" is needed. Please install.'
fi

if [ -z "$PASSWORD" ]; then
    read -s -p "Password: " PASSWORD
    echo
fi

if [ -z "$USERNAME" ]; then
    USERNAME=root@pam
fi

if [ -z "$PROXY" ]; then
    PROXY=$NODE
fi

#
# AUTHENTICATION PROCESS
#

RESPONSE=$(curl -f -s -S -k -d "username=$USERNAME&password=$PASSWORD"  "https://$PROXY:8006/api2/json/access/ticket")

if [ $? -ne 0 ]; then
    echo "ERROR: Authentication failed"
    exit 1
fi

TICKET=$(echo $RESPONSE | jq -r '.data.ticket')
CSRF=$(echo $RESPONSE | jq -r '.data.CSRFPreventionToken')

if [ -z "$TICKET" ] || [ -z "$CSRF" ]; then
    echo "ERROR: Could not process Authentication Ticket"
    exit 1
fi

#
# GET SPICE CONFIGURATION
#

RESPONSE=$(curl -f -s -S -k -b "PVEAuthCookie=$TICKET" -H "CSRFPreventionToken: $CSRF" "https://$PROXY:8006/api2/json/nodes/$NODE/qemu/$VMID/spiceproxy" -d "proxy=$PROXY")

if [ $? -ne 0 ]; then
    echo "ERROR: Maybe Proxmox-API changed?"
    exit 1
fi

#
# PARSING JSON RESPONSE
#

ATTENTION=$(echo $RESPONSE | jq -r '.data."secure-attention"')
DELETE=$(echo $RESPONSE | jq -r '.data."delete-this-file"')
PROXY=$(echo $RESPONSE | jq -r '.data.proxy')
TYPE=$(echo $RESPONSE | jq -r '.data.type')
CA=$(echo $RESPONSE | jq -r '.data.ca')
FULLSCREEN=$(echo $RESPONSE | jq -r '.data."toggle-fullscreen"')
TITLE=$(echo $RESPONSE | jq -r '.data.title')
HOST=$(echo $RESPONSE | jq -r '.data.host')
PASSWORD=$(echo $RESPONSE | jq -r '.data.password')
SUBJECT=$(echo $RESPONSE | jq -r '.data."host-subject"')
CURSOR=$(echo $RESPONSE | jq -r '.data."release-cursor"')
PORT=$(echo $RESPONSE | jq -r '.data."tls-port"')

#
# GENERATING REMOTE-VIEWER CONNECTION FILE
#

TMP=$(mktemp)

echo "[virt-viewer]" > $TMP
echo "secure-attention=${ATTENTION}" >> $TMP
echo "delete-this-file=${DELETE}" >> $TMP
echo "proxy=${PROXY}" >> $TMP
echo "type=${TYPE}" >> $TMP
echo "ca=${CA}" >> $TMP
echo "toggle-fullscreen=${FULLSCREEN}" >> $TMP
echo "title=${TITLE}" >> $TMP
echo "host=${HOST}" >> $TMP
echo "password=${PASSWORD}" >> $TMP
echo "host-subject=${SUBJECT}" >> $TMP
echo "release-cursor=${CURSOR}" >> $TMP
echo "tls-port=${PORT}" >> $TMP

#
# STARTING REMOTE-VIEWER
#

remote-viewer $TMP &
 
ramza - thanks for the script. works great. For anyone else reading this, make sure NODE= matches your proxmox node name in the web UI. I initially had NODE set to the FQDN of the Proxmox server, which is not correct in my case. My Proxmox node is just the short hostname. After making that change the script worked fine.
 
Thanks for this great discussion! I went ahead and implemented a Java version of the bash script mentionned above. It works on Linux and Windows (not tested Mac). Since I'm a new user, I can't post the link, it's the repo "proxmox-client" of the Github user "kalsan"
I'm happy about any feedback.
 
@kalsan
Tested it with Promox 5.2 and an Windows7 VM. Working :)
Absolute Fantastic. Thanks for sharing it with us.
Finally Remote Spice without launching the WebUI :))
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!