C H A P T E R 4
Managing Virtual Machines and the VMware GSX Server Host
121
Checking Permissions in the VMware Management Interface
The VMware Management Interface lists the permissions you have for each
configuration file on the host machine to which you are connected. The permissions
appear on the Users and Events page for each virtual machine. For more information,
see
Viewing a List of Connected Users on page 145
.
Only virtual machines for which you have read access are visible to you in the VMware
Management Interface.
Securing Your Remote Sessions
The username, password and network packets sent to the GSX Server host over a
network connection when using the VMware Virtual Machine Console or the VMware
Management Interface are encrypted in GSX Server by default. As the Administrator
user (Windows hosts) or root user (Linux hosts), you can disable Secure Sockets Layer
(SSL) if you do not want to encrypt these sessions.
With SSL enabled, GSX Server creates security certificates and stores them on your
host. However, the certificates used to secure your VMware Management Interface
sessions are not signed by a trusted certificate authority; therefore they do not
provide authentication. If you intend to use encrypted remote connections externally,
you should consider purchasing a certificate from a trusted certificate authority.
With SSL enabled, the console and management interface perform exactly as they do
when SSL is disabled.
When SSL is enabled for the VMware Virtual Machine Console, a lock icon appears in
the lower right corner of the console window. Any consoles that are already open at
the time SSL is enabled do not become encrypted, and the lock icon does not appear
in these console windows. You must close these consoles and start new console
sessions to ensure encryption.
When SSL is enabled for the VMware Management Interface, the URL to connect to
the management interface is
https://<hostname>:8333
. The management
interface automatically redirects users to this URL if they use the insecure URL
(
http://<hostname>:8222
) to connect. A lock icon appears in the status bar of
the browser window.
If you disable SSL, users are automatically redirected to
http://<hostname>:8222
if they use
https://<hostname>:8333
to
connect to the management interface.
Note:
If SSL is disabled then enabled again, any new management interface
connections to the non-secure port (8222) are not redirected.
Summary of Contents for GSX Server 3 Administration
Page 1: ...Administration Guide TM...
Page 8: ...www vmware com 8...
Page 42: ...www vmware com 42 VMware GSX Server Administration Guide...
Page 86: ...www vmware com 86 VMware GSX Server Administration Guide...
Page 184: ...www vmware com 184 VMware GSX Server Administration Guide...
Page 226: ...www vmware com 226 VMware GSX Server Administration Guide...
Page 240: ...www vmware com 240...