[clug] VM preferences
Michael Cohen
scudette at gmail.com
Sat Jun 6 23:15:33 GMT 2009
Geoff,
I have set up CAs at work using removable USB sticks (or a hard
disk) with live ubuntu install. This has the advantage that when not
needed the CA is locked away in a safe - I have lots of easy click
icons on the desktop for the mostly windows users to feel happy with.
The other obvious advantage is you dont need any visualization
software as you can use any machine for a short time.
I would recommend against virtualizing a CA because the host machine
still has access to the guest and the security of the host is
obviously a weak point in securing the CA.
Michael.
On Sat, Jun 6, 2009 at 11:18 PM, Geoff Swan<shinobi.jack at gmail.com> wrote:
> I am interested to know what sort of virtualisation people use and/or
> prefer?? I am in the process of setting up a radius server for wireless
> authentication (EAP-TLS or TTLS or something (not sure yet)) which has
> led to needing to set up a CA which I read a comment somewhere is best
> done on a machine that is not usually online or a VM. Now I *have* :P to
> have a go at setting up a VM. I have tried with Xen in the past, but
> never quite got it working (although I hear it is very good), I have
> used vmware at work (on M$) but would like to stay opensource. So, I
> started to install KVM. No good though because my server is a little
> mini ITX VIA board (no HW virtualisation support). BTW AFAIK that also
> rules out Xen. I think this leaves me with virtualbox and qemu... I am
> in the process right now of trying to get one up running. I had hoped
> the vmbuilder for ubuntu jeos would build a qemu based vm for me but it
> got 90% through and fails (due to my machine not supporting kvm
> properly)... so now I am looking at virtualbox which at first glance
> seems to be tailored for gui usage. This is not ideal as I don't have X
> installed on the server... maybe back to a manual qemu build.
>
> btw - this is my first post to the list, so my apologies if there are
> any hiccups in formatting sending etc...
>
> cheers,
>
> --
> Geoff
>
> 'you think you're thinking, therefore you possibly are' - grant naylor
>
> --
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
>
More information about the linux
mailing list