Long story short I’m doing some work with a network that suffers a lot of ‘you can’t get there from here’. Â They’ve given me VPN access and yet even the VPN cannot get to a lot of stuff.
The solution for them is to use this old server and ssh out from there to the rest of everything. Â Which for the most part works fine, but if more then 2 people need to leapfrog suddenly you are waiting in line, or constantly knocking people off.
So I figured I’d do something different, install a QEMUÂ virtual machine on the server during my allotted hour, and then launch it as a service so that I could leap in/out through the VM leaving the console free.
While I am going to add Qemu as a service, it is still somewhat stealthy as I don’t need device drivers, and I can run it nested as I know this machine is slated to be migrated to VMWare ESX. Â And the best part of that is that it’ll continue to run.
So how do we set this kind of thing up?
The first thing you’ll need is srvany.exe instsrv.exe which both can be found in the Windows 2003 resource kit.
Installation is very straightforward, just remember to use complete paths for your Qemu, BIOS, and disk files. Â Installation goes like this from the command line:
InstSrv qemu c:\qemu-0.15.0\srvany.exe
This will create a service entry named Qemu, which will in turn kick off the srvany executable from the resource kit. Â Now I know what you are thinking, what about Qemu? Â Well we have to specify that using regedit. Â Also remember that because you are going to run this as a service you don’t want the SDL display popping up and scaring some poor hapless user. Â So the first thing I’d recommend is to work out the flags that you want to start with. Â Something like this:
c:\qemu-0.15.0\qemu -L c:\qemu-0.15.0\qemu\pc-bios -hda mydisk -net nic -net user -redir tcp:2222::22 -vnc w.x.y.z:2223
This will redirect tcp port 2222 into the VM for ssh, and sits the VNC display on port 2223 …
So we fire up regedit andÂ navagate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Qemu
There we add a new key “Parameters”. Â Then add an ASCII key of “Application” then just paste in the all of the qemu flags as mentioned above (or changed as needed by you).
Then you can simply start/stop the thing using the net start/net stop.
I suppose this is a little subversive (lol) but sometimes you’ve got work to do and the best way through it to piggyback on someoneÂ else’sÂ computer. Â Also I really fail to see the ‘wisdom’ in creating ACLs that only permit you to access your routers/switches from your desktop when you could easily *NOT* be in the office. Â Or this guy just likes the excuse of not being able to work from home.
Anyways not to ramble but that’s how I ‘fixed’ the issue without ruffling too many feathers.