- Getting the Virtual Machine ready
- Specifying the virtual hardware requirements
- Installing the operating system
- Logging-in for the first time
- Preparing the VM for the VirtualBox Guest Additions software
- Adjusting Memory and Swap Accounting
- Installing the VirtualBox Guest Additions software
- Starting the Virtual Machine in Headless Mode
- Enabling Public Key Authentication
This guide describes how I build a basic server running Canonical's Ubuntu Server 16.04 LTS Linux operating system inside a VirtualBox virtual machine (VM). I also cover how to install the VirtualBox Guest Additions software on the freshly minted VM, as well as how to configure both host and guest accounts for public key authentication.
Although I wrote this document for myself, I make as few assumptions as is practical about the skill-level of the reader. Some of these tasks seem trivial to me now, but I still remember how difficult it was to piece this kind of information together without prior experience.
We will build a virtual machine (VM) with the following characteristics:
- It will be called ubuntu01
- It will use a bridged network adapter meaning it get allocated an IP address by the DHCP service
- It's fully-qualified network hostname will be ubuntu01.local, while it's machine name will be ubuntu01
- It will have two processors
- It will have 1024 MB of memory
- It will have a 128 GB sparse hard disk (the file on your host will grow as the disk fills up)
- It will have a single unprivileged user called administrator, referred to as the administrator
- The administrator will have superuser privileges
This guide reflects these characteristics. If you decide to change any of them then I will assume you know what you are doing.
You will need the following:
- A copy of the latest VirtualBox and VirtualBox Extension Pack software installed on your host machine.
- A copy of the Ubuntu Server 16.04.1 LTS ISO image for your host machine architecture downloaded and easily loacated.
- A terminal session or emulator software (e.g. Cygwin, PuTTY, WinSCP) that allows connection to remote machines over SSH.
- A means to generate SSH public/private key-pairs (e.g. ssh-keygen, PuTTY, WinSCP).
- Knowledge of how to use either the nano or vim text editors that come with Ubuntu Server.
- Passing familiarity with how to use technical guides like this one. I am not going to explain how to become superuser, edit configuration files, or the significance of $ and # prompts. I will assume you already possess that knowledge.
- Start the VirtualBox Manager
- From the Machine menu, select New...
- Complete the Name and operating system dialog:
- Name: ubuntu01
- Type: Linux
- Version: Ubuntu (64-bit)
- Leave Memory size at 1024 MB
- Set up a hard disk:
- Select Create a virtual hard disk now and Continue
- Select VDI (VirtualBox Disk Image) and Continue
- Leave the storage type as Dynamically allocated and Continue
- Leave the name as is but set the size to 128.00 GB and Create
Your new VM's name will now appear in the left of the VirtualBox Manager. It may already be selected (click on it if it isn't) and your virtual hardware specifications will appear to the right.
- Right-click on your VM's name, select Settings...
- Select the System category:
- Select the Motherboard tab:
- Uncheck Floppy
- Select the Processor tab:
- set Processor(s) to 2
- Check Enable PAE/NX
- Select the Motherboard tab:
- In the Audio category:
- Uncheck Enable Audio
- In the Network category:
- From Attached to options, select Bridged Adapter
These final changes to the virtual hardware specifications should now be reflected in the VirtualBox Manager.
We can now start the VM to install the operating system.
- Right-click on your VM's name, select Start > Normal Start
The VM will boot and its console will appear in a new window. You will be asked to select a bootable medium.
- Select the Ubuntu ISO image (if it is presented), or click on the folder icon to the right of the boot options to locate the ISO image on your host filesystem.
Under some circumstances you may not be prompted for bootable media, and your virtual machine starts but displays the following message:
FATAL: No bootable medium found! System halted.
Don't panic — this could happen if you corrected a previous mistake and reached this point again.
If this does happen then just follow the four steps below:
- Under the VM's console there are some small icons, one of which looks like a greyed-out disk — click on it
- If the Ubuntu ISO is presented as an option, select it
- Otherwise select Choose disk image...:
- Locate the Ubuntu ISO file on your host filesystem
- Click Open
- Close the console window:
- When asked, select Power off the machine
- Right-click on your virtual machine, select Start > Normal Start
All being well, your virtual machine starts and your will be prompted for the Language in which the first-time boot menu will be displayed:
- Select your Language, press Enter
- Select Install Ubuntu Server, press Enter
Now the Ubuntu installer will start. Be aware that you may need to use the Tab key to move between fields and buttons, while using the Enter key to enter values and progress through the installation.
- Select your Language (again), press Enter
- Select your Location, press Enter
- In Configure the keyboard:
- Choose No for Detect keyboard layout?, press Enter
- Select an appropriate Country of origin, press Enter
- Select an appropriate Keyboard layout, press Enter
- In Configure the network:
- Set Hostname to ubuntu01, and Continue
- At Configure users and passwords —
- Set Full name for the new user to Administrator, and Continue
- Set Username for your account to administrator, and Continue
- Choose a password for the new user and Continue
- Re-enter the password to verify and Continue
- Choose No when asked if you want to Encrypt your home directory
- At Configure the clock:
- Confirm your time zone
- At Partition disks:
- Select Guided - use entire disk and set up LVM
- Select the disk to partition (there should only be one)
- Choose Yes to Write the changes to disks and configure LVM
- Select the default size (136.9 GB) and Continue
- Choose Yes to Write the changes to disks
- In Configure the package manager:
- Configure your HTTP proxy information (I left mine blank), and Continue
- At Configuring tasksel:
- Select No automatic updates
- At Software selection:
- Ensure that both OpenSSH server and standard system utilities are selected (use the arrow keys to move the cursor and the Space key to toggle selections), then Continue
Important If you don't install the OpenSSH server then you will not be able to connect to your virtual machine using a terminal emulator and SSH.
- In Install the GRUB boot loader on a hard disk:
- Choose Yes for Install the GRUB boot loader to the master record
- In Finish the installation:
- Ensure that the bootable medium has been unmounted — the disk icon under the VM's console should be greyed-out
- If it wasn't then click on it and select Remove disk from virtual drive
- Now choose Continue
Your system will now reboot and your will eventually see a login prompt in the console.
Using the console to do anything on the VM is a miserable experience: for instance, there is no easy way to cut and paste, which can make life very difficult. We should aim to do as little as possible in the console and, to that end, we will log in once to get the VM's IP address. This will enable us to access the VM using a terminal session and SSH.
Bring the console window into the foreground. It may have gone completely blank, so press Enter to get the login prompt back. Now we will log into the VM for the first time and, hopefully, the last time using the console:
-
Log in as administrator
-
At the
$
prompt, typeifconfig
and press Enter -
You should see something like:
enp0s3 Link encap:Ethernet HWaddr 08:00:27:9d:ff:0f inet addr:192.168.1.112 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe9d:ff0f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5226 errors:0 dropped:0 overruns:0 frame:0 TX packets:1666 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:464893 (464.8 KB) TX bytes:150043 (150.0 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
There should be details of two network interfaces: one Ethernet and the other a Local Loopback. The address for the Local Loopback interface is 127.0.0.1, but We need the IP address for the Ethernet interface. Mine is 192.168.1.112, but yours is likely to be something else.
Once you have your VM's IP address, just log out of the console pressing Ctrl+D
, or by entering exit
at the prompt. Now use your terminal emulator to log in over SSH to the administrator at that IP address.
I'm using iTerm3 on my Mac, so I would do it like this:
$ ssh administrator@192.168.1.112
The first time you have connect, you might see something like this:
The authenticity of host '192.168.1.112 (192.168.1.112)' can't be established.
ECDSA key fingerprint is SHA256:vkUo2KH+vq9rolRjsMsW8rq3izKxF+dmhqY5pgi6JKA.
Are you sure you want to continue connecting (yes/no)?
If you see it then just enter yes when prompted.
You should now be logged-in, over your network, to the administrator account on your VM. Now you can now use cut and paste, and all of the other features not offered by the VM console.
Next time you start the virtual machine, you can do so using Headless Mode and use this method to log in.
Before we do away with the console forever, we need it in otder to install the VirtualBox Guest Additions software. The Guest Additions are designed to be installed inside a virtual machine after the guest operating system has been installed. They consist of device drivers and system applications that optimize the guest operating system for better performance and usability.
If you haven't done so already, boot your VM using the Normal Start and log in as administrator
We first need to prepare the system by installing a few required packages and ensuring that the server has the latest versions of the installed software:
$ sudo su
# apt install linux-image-extra-$(uname -r)
# apt install linux-image-extra-virtual
# apt install linux-headers-generic linux-generic
# apt install dkms build-essential module-assistant
# apt update
# apt upgrade
# m-a prepare
Shortly, we will restart the system and install the Guest Additions but, before we do so, there's another change we could make before the restart. The change is an optional but recommended alteration to the bootloader, particularly if you plan on deploying Docker Engine on this machine and don't wish to see the following warning:
no swap limit support
You should still be logged in as administrator with superuser active:
-
Open the /etc/default/grub file with your favourite editor
-
Set the GRUB_CMDLINE_LINUX value:
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"
-
Save and close the file
-
Update GRUB:
# update-grub
Now restart your system:
# reboot
Once the system has booted, log in as administrator:
From the VM's console Devices menu, select Insert Guest Additions CD image.... This will attach the the Guest Additions disk image, which ships with VirtualBox, to the virtual machine. The disk icon below the console should now be illuminated.
$ sudo su
# mount /dev/cdrom /media/cdrom
# pushd /media/cdrom
# sh ./VBoxLinuxAdditions.run
# popd
Click on the disk icon below the console and Remove disk from virtual drive. You may forcibly unmount the disk image if prompted to do so.
Now that the Guest Additions are installed, you need never use the console again.
Power down the virtual machine:
# poweroff
The VM's console isn't always useful to have hanging around, so it is possible to start your virtual machine without a console, also known as Headless Mode.
In the VirtualBox Manager:
- Right-click on your VM's name, select Start > Headless Start
The virtual machine will now start without a console.
We are going to configure our host and remote guest accounts so that a password is not necessary when loggin into our remote guest account from our host account. We are going to being using the host account's private key as our login credentials. As well as being more convenient, this type of authentication help to eliminate man-in-the-middle-attacks as a vector for password theft.
Start you VM and open a terminal session on your host machine.
You need to create a pair of keys (one private, one public) which together constitute an identity that can be used by the host account to log into the remote account:
$ mkdir -p ~/.ssh
$ ssh-keygen -b 2048 -t rsa -f ~/.ssh/ubuntu01
Just press Enter (twice) to skip past the passphrase prompts. You should see something similar to this:
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in ubuntu01.
Your public key has been saved in ubuntu01.pub.
The key fingerprint is:
SHA256:m7wx+aPU/rm37ORTftxyRebMNaxUfyG3mWm0qZxbo2k nukopia@Bear.local
The key's randomart image is:
+---[RSA 2048]----+
| |
| . = |
| * X|
| . @*|
| S o =*+|
| . - - o*|
| O . @++|
| . *. E+ *|
| o.oo=+==.|
+----[SHA256]-----+
The public key has an filename suffix of .pub
and may be shared with the other party. The private key, which has no suffix, must never be shared.
-
Copy the public key file to the remote account:
$ scp ~/.ssh/ubuntu01.pub administrator@192.168.1.112:
-
You should see something like this:
administrator@192.168.1.112's password: ubuntu01.pub 100% 400 0.4KB/s 00:00
-
Log into your remote account
$ ssh administrator@192.168.1.112
-
Set up the remote account's own ~/.ssh directory by generating the account's identity files:
$ [[ -d ~/.ssh ]] || ssh-keygen -b 2048 -t rsa
-
If the ~/.ssh is missing then it and the remote account's own keys will be generated — just press Enter at every prompt, going with the defaults and no passphrase. You should see something like this:
Generating public/private rsa key pair. Enter file in which to save the key (/home/administrator/.ssh/id_rsa): Created directory '/home/administrator/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/administrator/.ssh/id_rsa. Your public key has been saved in /home/administrator/.ssh/id_rsa.pub. The key fingerprint is: SHA256:9qBjPtRH1QOIYl9e/BJ9+qMoXWq+PSfd/45RjHpmmYc administrator@ubuntu01 The key's randomart image is: +---[RSA 2048]----+ | . o.+ | | o . o = + .| | . o o o o + | | . o . oo | | .S. ...o| | .o.o. o *.| | .+ .o = E +| | o.. . =.B *.| | .. +o..=.*| +----[SHA256]-----+
-
The public key you copied to the account earlier can now be appended to the authorized_keys file then deleted:
$ cat ~/ubuntu01.pub >> ~/.ssh/authorized_keys $ chmod 0600 ~/.ssh/authorized_keys $ rm ~/ubuntu01.pub $ exit
You should now be logged-out of the remote account and sitting at your host account's shell prompt.
Having generated a public/private key-pair on your host machine's account, and installed the public key on your virtual machine's administrator account, you can now log into the administrator account using the private key on your host machine host. When you authenticate using this method, you will not be asked for a password.
Try loggin in using the private key generated on your host system:
$ ssh -i ~/.ssh/ubuntu01 administrator@192.168.1.112
If you did everything right, you should be logged into your remote account without being asked for a password.
Log out, returning to your host account's shell prompt.
We do not want to be using the -i ~/.ssh/ubuntu01
option every time we login, so let's simplify the process by creating a SSH host config entry for the remote machine.
-
Open the ~/.ssh/config file using your favourite editor
-
Add a host entry:
Host ubuntu01.local ubuntu01 Hostname 192.168.1.115 IdentityFile ~/.ssh/ubuntu01 User administrator ForwardAgent yes Port 22
-
Save and close the file
With a host entry in our host account's ~/.ssh/config file, logging is a snap:
$ ssh ubuntu01