Skype running in KVM and integrated in Desktop

Published on Sat 29 of Mar, 2014

I reinstalled my laptop with Linux Mint Debian Edition (LMDE) mainly because if I have to install an NSA backdoor called Skype for doing business, then the finely tuned Gentoo system is worthless and I'd rather save the time. LMDE is lovely and a recommendable choice for any Linux user. Turned out though that having an (almost) fully functioning KeePass installation prevents you from installing Skype, as that binary trojan horse can't work with one of the latest system libraries. I am not ready to compromise on the excellent KeePass, so after countless hours of trying to install Skype I resorted to an old plan of mine: put that sucker into a virtual machine! Only place it can be trusted at least a bit.

And who would have thought that this sledgehammer cracks the nut so elegantly?! I wanted the application to be seamlessly integrated into the desktop, a bit like in Qubes OS. And even this was not much of a problem with the usual Linux on-board means. On boot a minimal Debian Wheezy with only the needed libraries to start Skype is being auto-started as a libvirt KVM machine. Then on the laptop I have a script to start Skype like this:

 ssh -X amette@skype.local -C PULSE_LATENCY_MSEC=30 skype & 

The -X in the ssh command allows X11 Forwarding so that Skype gets rendered on the local desktop just like any other application. PULSE_LATENCY_MSEC=30 is a fix for a well known Skype bug with Pulseaudio. And as LMDE uses Pulseaudio by default, the X11 Forwarding also takes care of forwarding audio which is no problem over the virtual network device. Make sure that your virtual machine can resolve the host name of your desktop.

Having a dedicated machine for Skype might seem overkill, but the installation is issue-free as you can install everything the way Skype likes it. So it works perfectly, doesn't interfere with your system and the NSA can go snoop on my minimal Debian. What's not to like? :)

EDIT: Yes, I am fully aware that one can break out of a virtual machine. And if anyone has a ready-made exploit for that, then it's the NSA. This project started from not being able to install Skype and KeePass2 on the same machine and as KeePass2 was more important to me, Skype went into the virtual machine. Never the less thank you for all the e-mails I got from pure strangers - it is great to see that people care! :)

EDIT 2: I switched away from LMDE as it is not really a rolling release. There hasn't been a proper upgrade of packages in months despite Heartbleed and whatnot. This is not acceptable for the main machine of a SysAdmin. So now I am using Debian Stable and believe it or not: this is the first Debian Desktop installation of my life and I am very satisfied with it.
I also switched away from KeePass2. It might be a great tool on Windows, but running with Mono on Linux the UI could suck a golf ball through a garden hose. Also the format of the password database is vulnerable to attacks. Do the right thing and use something that was designed by a pro: PWSafe.

Short Bio [toggle]

Born, went to school, started hacking on free software, did some major high availability sysadmin work in between, now back to coding PHP again and having fun with it... :) -- Long CV

Tweets [toggle]