Install VMware Workstation 16 on Debian 11/10

VMware is one of the best Type-II hypervisor technology and cloud computing software provider. It allows one to run another operating system inside your current operating system i.e Windows, Linux e.t.c. Normally, it bases its virtualization technology on bare-metal hypervisor ESX/ESXI in x86 architecture.

Vmware was founded in 1998 as a subsidiary of Dell Technologies. It has the following features:

• Increased efficiency and stability of data center systems
• Better provisioning of applications and resources
• Virtual desktop infrastructure
• Cloud management platform
• Has SDDC platform, a software stuck with vSphere, VMware vSAN and VMware NSX
• Improved networking and security i.e VMWaer NSX
• Simplified data center and cloud infrastructure

Vmware has two major versions, namely;

• VMware Workstation player – This is a basic VMware verison andn is non-commercial
• VMware Workstation Pro – Normally, this is a paid version that is more advanced and professional as well.

The VMware Workstation Pro has the following additional features:

• Allows snapshots
• Ability to create Linked Clones and full clones
• Remote vSphere Host Power Control
• Virtual Network Customization (NAT, network rename)
• Virtual Network Simulation (Packet Loss, Latency, Bandwidth)
• Allows creating and managing Encrypted VMs

By the end of this guide, you should be able to install VMware Player Workstation 16 on Debian 11/10. Further, I will demonstrate how to make an installation with VMware.

System Requirements.

The minimum requirements for a host system to be able to install VMware are:

• CPU – above 2GHz and 64-bit processor
• Memory – above 2GB RAM
• Disk Space – Depends on the host operating system, but you should have some space about 30GB free for Virtual Machine installation

Also remember, to get better performance, you should have a hardware virtualization (AMD-v/VT-d/VT-x) extension enabled from the BIOS of your host system.

Then install the required packages.

sudo apt update
sudo apt install build-essential gcc perl bzip2 dkms make
sudo apt install linux-headers-$(uname -r)

Update your system to the latest stable packages:

sudo apt update && sudo apt upgrade

Install VMWare Player | Workstation Pro 16 on Debian 11/10.

In this guide, we will install both the VMWare Player 16 and the Workstation Pro 16 on our Debian 11/10 system.

Step 1 – Download VMware Player | Workstation

Download VMware workstation pro and player using the provided links below

• VMware Workstation Player 16

Download VMware workstation Player from the official VMware Workstation downloads page

Alternatively, obtain the download link and pull it with Wget as below.

wget https://download3.vmware.com/software/WKST-PLAYER-1624/VMware-Player-Full-16.2.4-20089737.x86_64.bundle

• Vmware Workstation Pro 16

This version of VMware can be downloaded by visiting the official VMware Workstation Pro downloads page.

While on the above page, select Workstation Pro for Linux and proceed with your download.

Another way to download the bundle is by using Wget as below:

wget https://download3.vmware.com/software/WKST-1624-LX/VMware-Workstation-Full-16.2.4-20089737.x86_64.bundle

Step 2 – Install VMware Player | Workstation Pro 16

Now with the bundle downloaded successfully, proceed and install it. If you downloaded it from a browser, then you need to navigate to your downloads directory cd ~/Downloads Then make the downloaded file executable as below.

# For VMware Player
chmod +x VMware-Player-Full-*.x86_64.bundle

#For VMware Workstation Pro
chmod +x VMware-Workstation-Full-*.x86_64.bundle

Now with the file executable, install it on Debian 11/10 as below.

#For VMware Player
sudo ./VMware-Player-Full-*.x86_64.bundle

#For Workstation pro
sudo ./VMware-Workstation-Full-*.x86_64.bundle

The installation will commence as below.

Extracting VMware Installer...done.
Installing VMware Installer 3.0.0
Installing VMware Workstation 16.2.4
    Copying files...
[################                                                      [################                                                        [################                                                      [################....
..........
    Configuring...
[######################################################################] 100%
Installation was successful. 

As seen from the output above, the installation is successful now we need to install the required VMware modules i.e VMnet and VMmon.

Git clone the modules as below.

git clone https://github.com/mkubecek/vmware-host-modules.git
cd vmware-host-modules
git checkout workstation-16.2.1
make
sudo make install
sudo /etc/init.d/vmware start

Use VMware Player 16 | VMware Workstation Pro 16 on Debian 11/10.

Now that we have installed VMware successfully, we will proceed and use it. I will demonstrate this by installing Alpine Linux. Launch Vmware from the App Menu as below.

Accept the License Terms.

Accept updates for VMware.

Join the Customer Experience program.

If you want to license the Workstation Pro, enter your License here, otherwise proceed with the second option.

You will see the pop-up below.

That is it, proceed and create a virtual machine and install your required Operating system.

Creating a new VM will require you to make configurations. Select the type of configuration to use.

Select the ISO file of the Operating system you want to install.

Proceed and select the type of operating system you want to install on the VM.

Assign a name to the VM.

Set the disk size of the VM.

That is it! You have created a VM with the configurations given, you can alter the settings made by clicking on Customize Hardware.

Click Finish then proceed and install the OS of choice. For this guide, I installed Alpine Linux.

You can manage your VM, shutdown, start and pause using the panel shown.

Fix the “VMWare Kernel Module Updater” error on Debian 11/10.

In day-to-day use, you may encounter the error “VMWare Kernel Module Updater“. Fix it by cloning the patch code from GitHub as below.

sudo apt -y install git 
git clone https://github.com/mkubecek/vmware-host-modules.git

Rebuild and install the VMware modules.

cd vmware-host-modules
make
sudo make install

Then reboot your system for the changes made to apply.

sudo reboot

You can install VMware Guest additions/Tools to enable full integration between your host system and the Virtual machine. Install VMware Tools on Debian 11/10 with the aid of the guide below.

• How To Install VMware Tools on Debian

VMware Learning Materials:

• Top Courses To Learn VMware vSphere Administration
• Best Books To Learn VMware ESXi Virtualization

Voila!

Conclusion.

We have come to the end of this guide on how to install VMware Player | Workstation Pro 16 on Debian 11|10. I hope you learned a lot from this guide.

Refer: https://computingforgeeks.com/install-vmware-workstation-on-debian/

10 Essential Steps for Configuring a New Server in 2022

Contents

1 - User Configuration2 - Network Configuration3 - Package Management4 - Update Installation and Configuration5 - NTP Configuration6 - Firewalls and iptables7 - Securing SSH8 - Daemon Configuration9 - SELinux and Further Hardening10 - Logging

That’s a nice new Linux server you got there… it would be a shame if something were to happen to it. It might run okay out of the box, but before you put it in production, there are 10 steps you need to take to make sure it’s configured securely. The details of these steps may vary from distribution to distribution, but conceptually they apply to any flavor of Linux. By checking these steps off on new servers, you can ensure that they have at least basic protection against the most common cyber attacks.

What	Why
User configuration	Protect your credentials
Network configuration	Establish communications
Package management	Add what you need, remove what you don't
Update installation	Patch your vulnerabilities
NTP configuration	Prevent clock drift
Firewalls and iptables	Minimize your external footprint
Securing SSH	Harden remote sessions
Daemon configuration	Minimize your attack surface
SELinux and further hardening	Protect the kernel and applications
Logging	Know what's happening

1 - User Configuration

The very first thing you’re going to want to do, if it wasn’t part of your OS setup, is change the root password. This should be self-evident, but can be surprisingly overlooked during a routine server setup. The password should be at least 8 characters, using a combination of upper and lowercase letters, numbers and symbols. You should also set up a password policy that specifies aging, locking, history and complexity requirements if you are going to use local accounts. In most cases you should disable the root user entirely and create non-privileged user accounts with sudo access for those who require elevated rights.

2 - Network Configuration

One of the most basic configurations you’ll need to make is to enable network connectivity by assigning the server an IP address and hostname. For most servers you’ll want to use a static IP so clients can always find the resource at the same address. If your network uses VLANs, consider how isolated the server’s segment is and where it would best fit. If you don’t use IPv6, turn it off. Set the hostname, domain and DNS server information. Two or more DNS servers should be used for redundancy and you should test nslookup to make sure name resolution is working correctly.

3 - Package Management

Presumably you’re setting up your new server for a specific purpose, so make sure you install whatever packages you might need if they aren’t part of the distribution you’re using. These could be application packages like PHP, MongoDB, ngnix or supporting packages like pear. Likewise, any extraneous packages that are installed on your system should be removed to shrink the server footprint. All of this should be done through your distribution's package management solution, such as yum or apt for easier management down the road.

4 - Update Installation and Configuration

Once you have the right packages installed on your server, you should make sure everything is updated. Not just the packages you installed, but the kernel and default packages as well. Unless you have a requirement for a specific version, you should always use the latest production release to keep your system secure. Usually your package management solution will deliver the newest supported version. You should also consider setting up automatic updates within the package management tool if doing so works for the service(s) you’re hosting on this server 

5 - NTP Configuration

Configure your server to sync its time to NTP servers. These could be internal NTP servers if your environment has those, or external time servers that are available for anyone. What’s important is to prevent clock drift, where the server’s clock skews from the actual time. This can cause a lot of problems, including authentication issues where time skew between the server and the authenticating infrastructure is measured before granting access. This should be a simple tweak, but it’s a critical bit of reliable infrastructure.

6 - Firewalls and iptables

Depending on your distribution, iptablesmay already be completely locked down and require you to open what you need, but regardless of the default config, you should always take a look at it and make sure it’s set up the way you want. Remember to always use the principle of least privilegeand only open those ports you absolutely need for the services on that server. If your server is behind a dedicated firewall of some kind, be sure to deny everything but what’s necessary there as well. Assuming your iptables/firewall IS restrictive by default, don’t forget to open up what you need for your server to do its job!

7 - Securing SSH

SSH is the main remote access method for Linux distributions and as such should be properly secured. You should disable root’s ability to SSH in remotely, even if you disabled the account, so that just in case root gets enabled on the server for some reason it still will not be exploitable remotely. You can also restrict SSH to certain IP ranges if you have a fixed set of client IPs that will be connecting. Optionally, you can change the default SSH port to “obscure” it, but honestly a simple scan will reveal the new open port to anyone who wants to find it. Finally, you can disable password authentication altogether and use certificate based authentication to reduce even further the chances of SSH exploitation.

8 - Daemon Configuration

You’ve cleaned up your packages, but it’s also important to set the right applications to autostart on reboot. Be sure to turn off any daemons you don’t need. One key to a secure server is reducing the active footprint as much as possible so the only surface areas available for attack are those required by the application(s). Once this is done, remaining services should be hardened as much as possible to ensure resiliency.

9 - SELinux and Further Hardening

If you’ve ever used a Red Hat distro, you might be familiar with SELinux, the kernel hardening tool that protects the system from various operations. SELinux is great at protecting against unauthorized use and access of system resources. It’s also great at breaking applications, so make sure you test your configuration out with SELinux enabled and use the logs to make sure nothing legitimate is being blocked. Beyond this, you need to research hardening any applications like MySQL or Apache, as each one will have a suite of best practices to follow.

10 - Logging

Finally, you should make sure that the level of logging you need is enabled and that you have sufficient resources for it. You will end up troubleshooting this server, so do yourself a favor now and build the logging structure you’ll need to solve problems quickly. Most software has configurable logging, but you’ll need some trial and error to find the right balance between not enough information and too much. There are a host of third-party logging tools that can help with everything from aggregation to visualization, but every environment needs to be considered for its needs first. Then you can find the tool(s) that will help you fill them.

Each one of these steps can take some time to implement, especially the first time around. But by establishing a routine of initial server configuration, you can ensure that new machines in your environment will be resilient. Failure to take any of these steps can lead to pretty serious consequences if your server is ever the target of an attack. Following them won’t guarantee safety-- data breaches happen-- but it does make it far more difficult for malicious actors and will require some degree of skill to overcome.

Source: https://www.upguard.com/blog/10-essential-steps-for-configuring-a-new-server