VMware – Cannot Cut, Copy, or Paste to VM’s

KB ID 0000515

Problem

Ever since ESX 4.1 this feature has been disabled and you have been unable to paste to VM, VMware say in their own documentation:

Source (Page 215 – ESX Configuration Guide ESX 4.1 vCenter Server 4.1).

To turn this feature back ON you have a few choices.

Please be aware: We are talking about copy and pasting TEXT to and from a guest VM NOT files and folders.

Solution

ESX Option 1 (Enable Copy and Paste to VM an individual Guest machine)

Using vSphere 8 or Above

Firstly, you need to shut the virtual machine down > Right Click it > Edit Settings >  Advanced > Add the following TWO attributes and values.

Add in the following two;
Attribute: isolation.tools.copy.disable, Value: false
Attribute: isolation.tools.paste.disable, Value: false

Click OK >  Power the VM back on.

Using HML5 Web Client (Enable Copy and Paste to VM)

Firstly, you need to shut the virtual machine down > Right Click it > Edit Settings > VM Options > Advanced  > Scroll down.

 

Edit configuration > Add configuration params;

Add in the following two parameters then click OK

Name: isolation.tools.copy.disable, Value: false
Name: isolation.tools.paste.disable, Value: false

Using Flash Web Client.

Firstly, you need to shut the virtual machine down > Right Click it > Edit Settings > VMware Option Tab > Advanced > Edit configuration > Add in the following;

Name: isolation.tools.copy.disable, Value: false
Name: isolation.tools.paste.disable, Value: false

 

OK > OK > Power on VM

Using VMware Client (Enable Copy and Paste to VM)

1. Firstly, you need to shut the virtual machine down > Right Click it > Edit Settings > Option Tab > Advanced > General > Configuration Parameters.

2. Select “Add Row” and add the following two options:

[box]isolation.tools.copy.disable

isolation.tools.paste.disable [/box]

Set both these values to FALSE > OK > OK > Power the VM back on again.

Note: Even without these values set, if a VM is vMotioned to an ESX host that has the copy.paste options set in it’s config file (see below) then these features are automatically enabled.

Option 2 (Enable Copy and Paste to VM on an individual Guest machine)

1. You can also achieve the same as above by directly editing the .vmx file for the virtual machine, Add the following two values as shown below:

[box]isolation.tools.copy.disable=”FALSE”

isolation.tools.paste.disable=”FALSE” [/box]

Note: Even without these values set, if a VM is vMotioned to an ESX host that has the copy.paste options set in it’s config file (see below) then these features are automatically enabled.

Option 3 (Enable Copy and Paste on the ESX host for all the VM’s on that host)

Note: This procedure will be removed/reset after an ESX upgrade. (You will need to carry out this procedure again post upgrade).

1. Connect to your ESX server, either directly on the console, or via SSH. and execute the following command:

[box]vi /etc/vmware/config[/box]

 

2. Press i to insert text and paste in the following two lines:

[box]isolation.tools.copy.disable=”FALSE”

isolation.tools.paste.disable=”FALSE” [/box]

Press Escape > then type :wq to save the changes.

Additional Steps for Linux / Ubuntu to allow Copy and Paste to VM

1. Assuming you have the VMware tools installed in your Linux guest VM, if not execute the following command:

[box]sudo apt-get install open-vm-toolbox[/box]

To enable copy paste on the guest execute the following command:

[box]vmware-toolbox &[/box]

One the VMware tools properties page pops up you will be able to copy and paste.

Enabling Copy and Paste in VMware Workstation

Out of the box, this functionality is switched on. However if you lose it then open the virtual machines settings > Options tab > Guest Isolation > Enable the Copy and paste option.

Related Articles, References, Credits, or External Links

NA

TinyCore Linux: Build a ‘Persistent’ Web Server

KB ID 0001697

Problem

Recently I was building a lab for testing load balancing, and needed some web servers, I could have built three Windows servers, but I wanted to run them in EVE-NG, so they had to be as light as I could make them. I chose TinyCore Linux, (I know there are smaller options, but it’s light enough for me to run, and work with).

The problem occurs when you reboot the TinyCore host, it (by default) reverts back to its vanilla state, (that’s not strictly true, a couple of folders are persistent).

So I had to build a server that would let me SFTP some web content into it and allow me to reboot it without losing the web content, settings, and IP address.

Step 1: Configure TinyCore IP & Web Server

This is a two step procedure, firstly I’m going to give it a static IP.

[box]

sudo ifconfig eth0 192.168.100.110 netmask 255.255.255.0
sudo route add default gw 192.168.100.1

[/box]

I don’t need DNS, if you do, then simply edit the resolve.conf file;

[box]

sudo vi /etc/resolv.conf
Add a value e.g.
Nameserver 8.8.8.8

[/box]

If you are scared of  the VI editor see Using the VI Editor (For Windows Types)

To connect via SSH/SFTP you will need opnessh installing, and to run the website, we will use Busybox, to install those, do the following;

[box]

tce-load -wi busybox-httpd.tcz
tce-load -wi openssh

[/box]

You will now need to set a password for the root account, (so you can log on and trasfer web files in!)

[box]

su
passwd
Type in, and confirm a new password!

[/box]

Start the OpenSSH, and TFTP services;

[box]

cd /usr/local/etc/init.d/
./openssh start
cd /etc/init.d/services/
./tftpd start

[/box]

Now create a basic web page, (index.html) which you can update later. Setup the website, then copy that file to a location that will be persistent (you will see why later).

[box]

cd /usr/local/httpd/bin
sudo ./busybox httpd -p 80 -h /usr/local/httpd/bin/
sudo vi index.html {ENTER SOME TEXT TO TEST, AND SAVE}
sudo mkdir /mnt/sda1/wwwsite/
sudo cp /usr/local/httpd/bin/index.html /mnt/sda1/wwwsite/index.html

[/box]

At this point, (if you want) you can use your favourite SFTP client, (I recommend FileZilla or WinSCP) and copy in some live web content to /mnt/sda1/wwwsite/ But ensure the home/landing page is still index.html though!

Step 2: Make TinyCore Settings ‘Persistent’

There may be better ways to do this, this just worked for me, and made sense! There’s a shell script that is executed as the TinyCore machine boots (bootlocal.sh) so if you edit that file and put in the commands to configure the IP, copy the website files from the permanent mount folder, start the web server, then start SSH and TFTP, you end up with a server doing what you want, every time the server boots.

[box]

sudo vi /opt/bootlocal.sh

ADD THE FOLLOWING TO THE BOTTOM OF THE FILE;

sudo ifconfig eth0 192.168.100.110 netmask 255.255.255.0 
sudo route add default gw 192.168.100.1
cp /mnt/sda1/wwwsite/index.html /usr/local/httpd/bin/index.html
cd /usr/local/httpd/bin/
Sudo ./busybox httpd -p 80 -h /usr/local/httpd/bin/
cd /usr/local/etc/init.d/
./openssh start
cd /etc/init.d/services/
./tftpd start

[/box]

Save and exit the file, then finally BACKUP THE CHANGES with the following command;

[box]

filetool.sh -b

[/box]

Related Articles, References, Credits, or External Links

NA

EVE-NG: Committing / Saving Qemu Virtual Machine Settings

KB ID 0001695

Problem

I’ve been working on a load balancing lab in EVE-NG this last week or so. I created some web servers (in TinyCore Linux,) to act as the web servers in that lab. (Essentially they serve a different colour web page so I can test the load balancing is working OK).

Now I wanted to save the changes I made so that I could redeploy the configured servers to multiple labs. But when you deploy a qemu VM as a node in a lab, EVE-NG copies the VM to the lab, and the changes you make, only apply to the node, in the lab, in the pod, you are working on!

So I wanted to update the ‘Master‘ image in EVE-NG, with the one I configured. Here is how to do that;

Solution

Firstly you need to get your POD NUMBER, you can get that from the user management screen, below you can see my user, (you can see already logged on), is using pod number 1.

Now you need to get the LAB ID NUMBER. Open the lab > Shut down the machine that you want to save the changes from > Lab Details > Copy the lab ID number.

Lastly you need the NODE ID NUMBER. Either  select Nodes and take note of the number, or right click the node and the node ID is shown (in brackets).

Armed with those three pieces of information, SSH into the EVE-NG host, and execute the following commands;

[box]

cd /opt/unetlab/tmp/POD-NUMBER/LAB-ID/NODE-ID/

for example;

cd /opt/unetlab/tmp/1/2277307f-b0bc-45a4-831f-a89a716b5841/3/

[/box]

Now depending on the VM/Appliance in question, it may be called hda.qcow2, or virtioa.qcow2 (a quick ls command will tell you!) Take the name and commit the changes with the following command;

[box]

/opt/qemu/bin/qemu-img commit hda.qcow2

[/box]

Job done!

Yes but you wanted three different servers? Correct, I then copied the server (twice) edited the IP address, and the web page served on the two copies and committed the changes back to the original VMs!

Related Articles, References, Credits, or External Links

NA

Windows Administrator “Lost Password” / “Password Reset”

KB ID 0000159

Problem

You have forgotten your password, or the administrators password fo your Windows machine.

Note: You can also ‘Blank’ or reset the DSRM (Directory Services Restore Mode) password on a Domain Controller (Tested on 2012 R2, by blanking the password). Using this method.

Lost Password : Fix

Lost Password Software Download Links

Password Reset CD Image (3.5Mb) Note: This is a .iso file – you need to burn it as an image! Simply dropping this file on a CD will NOT work.

WARNINIG – If your drive has been encrypted with Windows Bitlocker this procedure will not work!

Related Articles, References, Credits, or External Links

Windows 8 – Lost / Forgotten Password?

Linux – Install VMware Tools

KB ID 0001330 

Problem

Note: This is to install the VMware Tools NOT the OPEN-VM-TOOLS.

I’ve had to do this a few times now, and every time I Goolge how to do it, I get pages of instructions on how to install the open vm tools. When what I really want is to install the VMware Tools.

Solution

I’m using vSphere ESX, but even if you are using VMware Workstation or VMware Fusion, you can still select ‘Install/Upgrade VMware tools’, this presents a DVD image to the virtual machine.

The install for VMware tools uses Perl, so you will need to have that installed.

[box]

yum install perl

[/box]

Now we are going to mount the virtual CDROM/DVD drive into a folder, (called/mnt). Then when we have a look inside this folder, you will see the VMwareTools-{version}.tar.gz (take a note of this).

[box]

mount /dev/cdrom /mnt
cd /mnt
ls
TAKE NOTE OF THE VERSION!

[/box]

Unzip those files into the /tmp directory, then run the installer.

[box]

cd /tmp
tar zxf /mnt/VMwareTools-9.10.0-2476743.tar.gz
cd vmware-tools-distrib
./vmware-install.pl

[/box]

Keep pressing {Enter} to accept the defaults, when complete the mounted VMware tools DVD will be ejected.

 

Related Articles, References, Credits, or External Links

NA

CentOS / Redhat / Fedora – VMware VMXNET3 Adapter Not Working

KB ID 0001329 

Problem

This has tripped me up a couple of times, and if you Google the problem, you find a load of posts saying ‘Just install VMware tools that will fix the problem’

It Wont!

And I’ll tell you why, run ifconfig

You will notice you have a network card, but you will also notice that it’s got a strange name ‘ens160’ not eth0 as you would normally expect? Anyway let’s prove it’s not a driver issue by issuing a dhclient -v command. This basically forces the NIC up and makes it get a DHCP address, (assuming your NIC is connected to the correct network, and you have DHCP running of course!)

So this tells me it’s not a driver issue, and that installing VMware tools probably wont cure the problem.

It Didn’t!

Also if you reboot, you will find it’s not working again!

Solution

I’m going to use nano in a minute, (other editors are available), so I’ll install that first. (I’m logged in as root, you may need to prefix the following command with sudo if you are not).

[box]

yum install nano

[/box]

Remember my network card had a ‘funny name’, well change directory to the /etc/sysconfig/network-scripts directory, and you will see it’s config file, so let’s edit that, (change the text in red, to reflect your interface name, from the ifconfig command earlier);

[box]

cd /etc/sysconfig/network-scripts
nano ifconfig-ens160

[/box]

Make sure;

BOOTPROTO=dhcp

ONBOOT=yes

Now if you reboot your VM, it should come back up with networking enabled.

 

Related Articles, References, Credits, or External Links

NA

Using the VI Editor (For Windows Types)

KB ID 0001304 

Problem

I dont have a ginger ponytail, nor do I wear sandals, couple these two things together and you will understand why I find VI so confusing! Many times I’ve had to alter a config file on an appliance, or a Linux box, and sat frowning at VI wondering why I can’t change a one to a zero.

Note: Nano is easier, if possible try nano {filename} to save hassle. But on hardened appliances for example, it wont be there. 🙁

So, this article gives you enough information to open, edit, and save a file. If you want a massive tutorial on VI you are in the wrong place.

Solution

Not really part of VI but you need to know where the file is you want to edit, and the path to it;

[box]

For Example:

vi {filename}
vi {path}/{filename}

[/box]

You can ‘move around’ the file being edited with your arrow keys.

Deleting Text: Press the X key to delete the character that’s ‘under’ the cursor.

Selecting Text: Press (and hold) the V Key while using the arrow keys to select multiple text characters.

Note: From here you can CUT (press X), or COPY (press Y). To PASTE put the cursor where you want the text and press P.

Inserting Text: To actually type anything, you need to be in ‘insert‘ mode press I then type in your text.

Note: Some flavours of Linux give no indication you are in ‘insert‘ mode, (unlike the example below).

Saving and Exiting: you need to be in ‘command‘ mode to save and exit, to enter ‘command‘ mode press ESC. As above there may be no visual clue what mode you are in. To SAVE AND EXIT type :wq {Enter}. TO EXIT Type :q {Enter}. Basically q means quit and w means ‘write’ the changes.

Job done, now keep your Linux skills quiet or you may get your dinner money stolen, and not get a girlfriend.

Related Articles, References, Credits, or External Links

NA

Linux (CentOS 7) Generating CSR (Certificate Signing Requests)

KB ID 0001206 

Problem

If you want to use digital certificates on your CentOS server, then you will need to generate a CSR. It does not matter if you want to purchase a publicly signed certificate, or even if you are going to sign your own. Below is how to generate a CSR for a single web host.

Note: Most cert vendors now require a minimum key length of 2048 so thats what I’m going to use. And I’m assuming you have openSSL installed (type ‘openssl version‘ to find out). 

Solution

Execute the following command

[box]

[root@WebHost ~]# openssl req -newkey rsa:2048 -nodes -keyout www.YourSite.com.key -out www.YourSite.com.csr

[/box]

The CSR Generation process will begin and you will have to answer some questions;

[box]

Generating a 2048 bit RSA private key
.........................................+++
........................+++
writing new private key to 'www.YourSite.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:GB
State or Province Name (full name) []:Teesside
Locality Name (eg, city) [Default City]:Middlesbrough
Organization Name (eg, company) [Default Company Ltd]:YourSite
Organizational Unit Name (eg, section) []:YourSite
Common Name (eg, your name or your server's hostname) []:www.YourSite.com
Email Address []:administrator@YourSite.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:password123
An optional company name []:YourSite

[/box]

This will actually create the CSR, now you need to get the text from the CSR, and sent it to your certificate vendor ,or sign it with your own CA.

[box]

[root@WebHost ~]# cat www.YourSite.com.csr
-----BEGIN CERTIFICATE REQUEST-----
NIIDKTCCAhECAQAwga4xCzAJBgNVBAYTAkdCMREwDwYDVQQIDAhUZWVzc2lkZTEW
MBQGA1UEBwwNTWlkZGxlc2Jyb3VnaDEUMBIGA1UECgwLUGV0ZU5ldExpdmUxFDAS
BgNVBAsMC1BldGVOZXRMaXZlMRwwGgYDVQQDDBN3d3cucGV0ZW5ldGxpdmUuY29t
MSowKAYJKoZIhvcNAQkBFhtpbmZvcm1hdGlvbkBwZXRlbmV0bGl2ZS5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCudW2OhXUnEIpiN2oQnREoZVAn
Cvvb07+7gZb5NgxSSc8pYab3ic6mmEabM3c/m9mLtO3m4ZSTJrU9QC91Vn6PF90K
iqApOfizUnNFEOSJptpcoLxlUWUJF8PZUn9fYZyNhp30QQ3B5ajxc4ML0BB+4Wp2
1sjJzfAvtSsFmUSCEXlJTrWnYkGpZz4dYYRlQgTniY4++M/AG9gL99XuSKcSD5K0
4qr07J9a6AYA0tXJq+yN3EzcLSBkIVDuNv84e+CyXc8RV+BkaRTr/gYGwQU4C+IG
87Lw8GC6P1adUi2mR4GMMbZLPYa14Psao4ZA/Ihk9EFS2xqXQH2AZ2nUGPM7AgMB
AAGgNTAXBgkqhkiG9w0BCQcxCgwIcGFzc3dvcmQwGgYJKoZIhvcNAQkCMQ0MC1Bl
dGVOZXRMaXZlMA0GCSqGSIb3DQEBCwUAA4IBAQAPUo4AVBajrflZQRI8MrRyndpD
s6MqZQwYlrceZVZrut+htS14ZC/GbaPC7gOvxYyS52RSW4UiG3egi6H7NnhqHjR+
Dz859bLKIut3YeCo3sK5+aCxvcGEjA1uduqKg5WFwPj5BvnsIYezq3O5Q4FvfQAy
FElb9snk0sJ6GFYifjeza8+w6CIabUpyl0kyDoAbnjnnyhR0s5/h4L7X3zqaQ0J+
OZVRyj54nLXoFDw1n8pGRb31khlEwDzXvVe9+wreCZ6lLqhDki94Uq5LenqofUlw
MPucqVIA9lgvQ8vjyTWVQYYffMRlAx7g/SdVTIhFBqq7rsh9/XHn7qfXlc4c
-----END CERTIFICATE REQUEST-----
[root@WebHost ~]#

[/box]

Related Articles, References, Credits, or External Links

NA

Mac OSX and Linux – Quick and Dirty Web Server

KB ID 0001157 

Problem

I was clearing out some old emails yesterday, and saw one my colleague Steve had sent me. It was info on how to fire up a quick web server on your mac. It wasn’t until I took a look at it, I realised how handy it was.

After some reading, I found that it was not only possible on a mac, but on other flavours of Linux as well, (as long as they support ‘python’ and have it loaded).

WHAT USE IS THAT? What if you want to send a large file to a colleague? Yes you could use USB drives or dropbox, but executing one command is a lot quicker. Or what if you are on a site where everything is locked down, and only a few ports are open but you need to get a file somewhere, do a quick nmap scan and you can download your files over a different port.

Solution

First open a terminal window, then navigate to the folder you want to ‘serve’. Then simply execute the following command;

[box]

python -m SimpleHTTPServer 8080

[/box]

Note: Where TCP port 8080 is the port you want to use.
Then simply browse to https://{Your-IP-Address}:8080

BE AWARE: You shouldn’t see a problem if you use any port ABOVE 1024, however if you chose a lower port, you may see ‘Permission Denied’ errors.

To address that ‘sudo’ the command, (unless you are logged into Linux as root!)

Related Articles, References, Credits, or External Links

NA

GNS3 – Initial Setup, Adding Routers, Hosts, and ASA Firewalls

KB ID 0000927 

NOTE: THIS ARTICLE IS FOR THE OLD VERSION OF GNS3

GO HERE FOR THE NEW ONE

Problem

I dip into GNS3 every so often, (depending on what I’m working on). And each time I install it, I spend just as long remembering how to set it up, as I do using it! So, if for no other reason than I can use this page as a reference in future, here’s how to get it up and running.

Solution

Note: At time of writing he latest version is 8.6

1. Download GNS3, I accept all the defaults (I actually tick to install SuperPuTTy, as tabbed console windows can be handy when using GNS3). Launch the program, you will be greeted with the following setup wizard. Select Option 1.

Note: You can do the same in future, by going to Edit > Preferences

2. Check that the path to the ‘projects’ and your ‘images’ folder are where you want them to be. The defaults are fine but if you run GNS3 on several machines you might want to choose something like Dropbox > Apply > OK.

3. Option 2.

4. Click Test Settings > Have patience, it can take a couple of minutes > Apply > OK.

Adding Router Images to GNS 3

5. Option 3

Note: You can visit the same section in future by clicking Edit > IOS Images and Hypervisors.

6. Image file > Browse to the image you want to import. Here on GNS3 8.6 you can select the filename.bin file, with older versions you need to extract that file to a filename.image file.

Note: You need to legally download these images from Cisco. This means you need a Cisco CCO account, and a valid support agreement. DO NOT email me and ask for Cisco IOS images, (I will just ignore you!).

7. As mentioned above, it will convert my filename.bin image to an extracted filename.image file > Yes.

8. Set the Router platform and model > In the IDLE PC section click Auto calculation > This can take a while.

Note: You can do this later from the main workspace, and test a range of settings. I you don’t do this your virtual network devices will eat all your CPU power!

9. When complete click Close > Save > Close.

10. You can now start that model router to the workspace and use it. Repeat for each model of router you want to add.

Adding a Host to GNS3

Having a host machine for you labs is handy, usually you just need to be able to ping, or perform tracerts. So you can download a small Linux image from GNS3. There are a few options but I prefer linux-microcode.

11. Edit > Preferences.

n

12. Quemu > Quemu Guest > Give it an identifier name (can be anything) > Browse to, and select the image you downloaded.

13. Save > OK > Apply.

14. You can now drag a Quemu Guest machine onto the work space, and console into it.

Adding a Cisco ASA to GNS3

Yes you can add Cisco PIX as well, but there’s not many of them left in the wild.

15. Edit > Preferences > Quemu > ASA > Give it an identifier name (can be anything) > Set the RAM to 1024 > Set the Qemu options to;

[box]

-vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32

[/box]

Set the Kernel cmd line option to;

[box]

-append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536

[/box]

16. You need two files to run the ASA, an initrd file and a kernel file. You need to create these from a legally obtained copy of the asa843-k8.bin file.</p?

Should you wish to locate these files form a less reputable source you are looking for
asa842-initrd.gz and asa842-vmlinuz, again don’t email me for them! If you are too stupid to use a search engine, then technical ninjary is not the correct career choice for you.

17. Finally select the vmlunuz file > Open.

18. Save > OK > Apply.

19. You can now drag an ASA onto the workspace and console into it (it takes a while, be patient). When the ASA starts it has all the licenses disabled, to add them you need to change the ASA’s activation key. An ASA Activation key is usually linked to the serial number of the ASA, in this case we don’t have a serial number, (that’s not strictly true, if you check, it’s something like 12345678). So I will publish a working activation key*

*Disclaimer, this will only work on this virtual ASA, and it’s published elsewhere on the Internet, if I receive a request to remove it I will do so.

Another ‘quirk’ is every time you add a new ASA to the workspace, you need to go through this process, if you enter the commands below you can issue a reload and also save the ASA, without the need to re-enter the activation key.

[box]

activation-key 0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6
{This can take 5-10 minutes}
copy running-config startup-config
{Enter}
copy startup-config disk0
{Enter}

[/box]

20. When it comes back up, (again it will take a few minutes). Your can check your ASA’s licensed features.

Related Articles, References, Credits, or External Links

Connecting GNS3 to VMware Workstation