|
| 1 | +--- |
| 2 | +date: '2026-03-29' |
| 3 | +title: How to SSH into a NixOS VM Running in GNOME Boxes |
| 4 | +description: How to enable SSH on a NixOS guest, set up port forwarding through QEMU's user-mode networking, and copy your SSH keys so you can work from the host terminal. |
| 5 | +--- |
| 6 | +## How to SSH into a NixOS VM Running in GNOME Boxes |
| 7 | + |
| 8 | +I spun up a NixOS VM in GNOME Boxes for some quick package development and testing. GNOME Boxes on its own works fine, but I wanted to SSH in from my host so I could use my normal terminal and copy files with `scp`. This turned out to require a few steps that aren't immediately obvious. |
| 9 | + |
| 10 | +### The Problem: User-Mode Networking |
| 11 | + |
| 12 | +GNOME Boxes uses QEMU with user-mode networking by default. The VM gets a NAT'd IP that isn't directly reachable from the host. You need port forwarding to get in. |
| 13 | + |
| 14 | +### Enable SSH on the NixOS Guest |
| 15 | + |
| 16 | +NixOS doesn't enable SSH by default. In the VM, edit `/etc/nixos/configuration.nix` using `sudo nano` to add: |
| 17 | + |
| 18 | +```nix |
| 19 | +services.openssh = { |
| 20 | + enable = true; |
| 21 | +}; |
| 22 | +networking.firewall.allowedTCPPorts = [22]; |
| 23 | +``` |
| 24 | + |
| 25 | +The firewall line is important as NixOS enables its firewall by default, and without explicitly opening port 22, SSH connections will silently hang even though `sshd` is running. |
| 26 | + |
| 27 | +Then rebuild and switch to the newly built OS environment: |
| 28 | + |
| 29 | +```bash |
| 30 | +sudo nixos-rebuild switch && sudo reboot |
| 31 | +``` |
| 32 | + |
| 33 | +### Add Port Forwarding via the QEMU Monitor |
| 34 | + |
| 35 | +In my case, I run GNOME Boxes as a Flatpak, so we have to use `virsh` inside its sandbox. First, find your VM name: |
| 36 | + |
| 37 | +```bash |
| 38 | +flatpak run --command=virsh org.gnome.Boxes -c qemu:///session list --all |
| 39 | +``` |
| 40 | + |
| 41 | +Then add a forwarding rule that maps host port 2222 to guest port 22: |
| 42 | + |
| 43 | +```bash |
| 44 | +flatpak run --command=virsh org.gnome.Boxes -c qemu:///session \ |
| 45 | + qemu-monitor-command nixos-unstab --hmp 'hostfwd_add tcp::2222-:22' |
| 46 | +``` |
| 47 | + |
| 48 | +Replace `nixos-unstab` with whatever your VM is named. |
| 49 | + |
| 50 | +### Copy Your SSH Keys and Connect |
| 51 | + |
| 52 | +Now copy your keys and SSH in: |
| 53 | + |
| 54 | +```bash |
| 55 | +ssh-copy-id -p 2222 dylan@localhost |
| 56 | +ssh -p 2222 dylan@localhost |
| 57 | +``` |
| 58 | +Now you can easily copy files to your guest OS and run any commands you need to from the host's terminal |
0 commit comments