I have several guest VMs that use Truecrypt full disk encryption running on a Hyper-V host. What are my options to allow VM owners to enter their own password to boot the machine?
Asked
Active
Viewed 230 times
0
-
You'll need to give them access to the VM console via Hyper-V Manager. – joeqwerty Dec 21 '16 at 14:11
-
VM console? Can you please elaborate? Currently they have to RDP to the host machine to enter password, which is terrible from security standpoint. I don't have a domain set up. – Sergei Dec 21 '16 at 14:16
-
The VM console. When you right click a VM in Hyper-V Manage and select "connect" and open the Virtual Machine Connection window. That's the VM console. You'll need to give them access to that. It sounds like that's what they're doing now via RDP to the host. – joeqwerty Dec 21 '16 at 14:22
-
Yes, they using VM console from RDP session to host machine. Problem is, they are not limited to managing their own VM, they have access to all VMs that way. Will it be different for remote management? – Sergei Dec 21 '16 at 14:29
1 Answers
1
You can use FreeRDP for this, since, VMConsole is based on RDP protocol, freerdp is compatible with it. We are using it for 'emergency manage' VMs on Core hypervisors.
#Select the VM
$SelectedVM = Get-VM -Name "MyVM"
#Get VMID for selected VM
$VMID = $SelectedVM.VMID
#connect with VMID
Write-Host -foreground "magenta" "Connecting to $name - $VMID”
Invoke-Expression "C:\freerdp\wfreerdp.exe /vmconnect:$VMID /v:127.0.0.1:2179"
I'm not completely sure this works from remote machines, and of course freerdp need authentication on the host machine, so u need to find a solution for access permission management.
Skyne
- 54
- 3