Fun with VMware ESXi

Day one of playing with bare metal hypervisors, and I’m already having a blast.

I decided to try ESXi first, since it was the closest relative to what I’m running right now.

Straight out of the box, I run into my first error. I’m installing on a Dell Poweredge 1950 server. The CD boots into an interesting initialization sequence. The screen turns a featureless black, and there are no details as to what is going on behind the scenes. The only indication that the machine isn’t frozen is a slowly incrementing progress bar at the bottom. After around 20 minutes (I’m guessing the time it takes to read and decompress an entire installation CD into memory), the screen changes to a menu asking me to hit R if I want to repair, or Enter if I want to install. I want to install, so I hit Enter. Nothing happens, so I hit enter again. And again. And again. It takes a few more times before I realize that the “numlock” light is off. Curious, I hit numlock and it doesn’t respond.

Awesome.

I unplug and replug the keyboard in. Nothing. Move it to the front port. Nothing. I reboot and come back to my desk to research. Apparently, I’m not alone. Those accounts are from 2008. I downloaded this CD an hour ago, and it’s 3.5 U4 (the most current 3.5x release). It is supposed to have support on the PE1950, but if the keyboard doesn’t even work, I have my doubts.

Lots of people have suggested using a PS2 keyboard as the accepted workaround, but in a similar tone to most of my problem/solution options, this server has no PS2 ports.

I’m downloading ESX v4 now. I’ll update with how it goes, no doubt.

Encryption tools for Sysadmins

Every once in a while, someone will ask me what I use for keeping passwords securely. I tell them that I use password safe, which was reccommended to me when *I* asked the question.

Other times, people will ask for simple ways to encrypt or store files. If you’re looking for something robust, cross platform, and full featured, you could do a lot worse than TrueCrypt. Essentially, it hooks into the operating system’s kernel and allows it to mount entire encrypted volumes as if they were drives. It also has advanced security methods to hide volumes, so that if searched, no volumes would be found without knowing the proper key. In addition, it has a feature that can be valuable if you are seized and placed under duress: in addition to the “real” password, a 2nd can be setup to open another volume, so that your captors believe that you gave them the correct information. Unreal.

So you see that truecrypt is an amazing piece of software. For many things, it’s definitely overkill. Instead, you just want something light, that will encrypt a file and that’s it. In this case, Gnu Privacy Guard is probably your best bet. I use it in our company to send and receive client files over non secure transfer methods (FTP and the like). With proper Key Exchange, we can be absolutely sure that a file on our servers came from our clients, and vice versa. If you’re running a Linux distribution, chances are good you’ve got GPG installed already. Windows and Mac users will have to get it, but it’s absolutely worth it, and the knowledge of how public key encryption works is at the heart of everything from web certificates to ssh authentication. If you want to learn more about how to use it, Simple Help has a tutorial on it, covering the very basic usage. Once you’re comfortable with that, check out the manual.

I’m sure I missed some fun ones, so make sure to suggest what you use!