Running VMware Server Console on a Mac

Posted on By Mark Wilson

Last year, I bought a 20″ wide-screen monitor which I run at a resolution of 1680×1050 pixels. Working with all that screen space is fantastic (especially with 4 virtual desktops), except that I’ve got so used to it that the standard 1024×768 pixels on the notebook PC that I use for work seems too small and an upgrade is out of the question as the PC is only 18 months old.

For a while now, I’ve been running the notebook on the desk next to my main display but I’m running out of desk space. As I virtualised my corporate Windows XP build a while back, I thought it would be great if, when I’m working at home, I could run the Linux VMware Server Console on my Mac (which is connected to the large display). The virtual machine would still be limited to 1024×768 but I could access corporate applications in the VMware Server Console and do the big screen stuff (web, e-mail, document edits, etc.) natively on the Mac, using the whole display. Yes, I know that if I used Microsoft Virtual Server I could run it in a browser, but I’d need ActiveX and I’m not using Internet Explorer. Similarly RDP is an option, but I find it to be a bit flaky on an Intel Mac. Anyway, I’m a (pseudo-)geek and so I need to feed on problems like this from time to time!

Actually, much of the hard work has already been done for me – googling for vmware console mac soon turns up Rui Carmo’s article at The Tao of Mac on how to run [the VMware Console] remotely with Apple’s X11; however Rui’s article was written a while ago now and my VMware Server (v1.0.1-build 29996) installation on Fedora Core 5 doesn’t use the command vmware-console – instead I have to use vmware. Nevertheless, it got me 90% of the way there:

  • On the (Linux) VMware Server:
    • Configure SSH and X11 forwarding (my original post used a Windows client and public/private keys but the principles are similar – this time I used password authentication, making sure that the PasswordAuthentication yes and X11Forwarding yes lines were present in /etc/ssh/sshd_config and restarting the SSH daemon with service sshd restart).
    • Locate an appropriate keyboard map in /usr/lib/vmware/xkeymap/, edit the map if necessary (there is a VMware article about keyboard mapping on a Linux host that may be useful – don’t worry that it’s a VMware Workstation document) and edit ~/.vmware/preferences to include xkeymap.language="keyboardmap" (I used gb101 for my Apple UK keyboard).
  • On the Mac:

At this point VMware Server Console ran successfully under X11 on my Mac; however whenever I powered on a virtual machine all I saw was a black screen and a message in the xterm window which read:

X11 connection rejected because of wrong authentication.

After trying a remote VMware Server Console connection to localhost and restarting the Linux host (I’m not sure which, if either, of these made a difference) I found that the virtual machine was actually starting but that for some reason the display wasn’t being repeated in the X11 VMware Server Console on the Mac; however this time there was a different message displayed:

Unable to connect to the MKS: You need execute access in order to connect with the VMware Server Console. Access denied for config file: /var/lib/vmware/Virtual Machines/virtualmachinenname/virtualmachinenname.vmx.

After setting execute permissions to the virtual machine configuration file chmod +x virtualmachinenname.vmx (changing the permission set from 640 to 751), I was able to successfully view the VM on the Mac (and simultaneously on the Linux host) – the only (very minor) issues are that the mouse pointer is solid white when accessing the virtual machine (so sometimes I lose it) and that the sound is not forwarded (no big deal). Now my notebook PC is docked on a shelf away from the desk, with the lid closed, and I’m running the VMware Server Console from the Mac, having reclaimed some space on my desk.

What was that password again?

Posted on By Mark Wilson

In the course of my daily computing activities I have to remember hundreds of username and password combinations. Literally. Just at work there are two (yes two!) timesheet applications, then there’s my corporate domain credentials, remote access, mobile phone billing portal, etc., each with their own username and password complexity/expiry policies; then there are all the systems at home; and finally the plethora of websites at which I have an account.

There are those who say that writing down credentials is a bad idea, whilst others say that using a single username and password combination is bad practice – these people are absolutely correct as, once compromised, an attacker has access to all the systems that use those credentials but we also need to be pragmatic – how can any user seriously be expected to remember all the usernames and passwords for the multitude of systems that they access? Indeed, many of the credentials I used are stored in my browser’s password manager – I haven’t a clue what my password is and I just open up the page and let my browser auto-complete the fields for me.

If we cast our minds back a few years to the launch of the Microsoft.net Framework, Passport.net was supposed to take away a lot of the hassle for web service authentication and we all know what a failure Passport was (outside Microsoft) – people just didn’t want Microsoft holding the keys to all their systems – InfoCard could well succeed where Passport failed but I have an identity crisis right here, right now!

One of the systems that I access regularly was recently moved to a new server – hence to a new URL and so the stored username and password didn’t work for me. This is where one of the handy system utilities that I wrote about a while back came in useful – I went to the old URL for the application, let the browser auto-complete the details and Nirsoft AsterWin IE was able to scan for the stored password, which I could then manually enter at the new site.

Of course, this advice comes with all the usual caveats when using third party applications to probe for security details… I haven’t checked for any unwanted side effects of using this application and you have been warned!