Create a Headless VirtualBox vHost

Install Base Server

  1. Leave the defaults for the language selection.
  2. Choose a hostname: VHOST (your choise)
  3. Enter your name: (John W. Smith)
  4. Create a username: jsmith
  5. Create a password for jsmith
  6. No directory encryption needed
  7. Verify that the time zone is correct
  8. for the next windows leave the settings at default unless you want to change them
  9. At the automatic update I choose “Install Security Updates Automatically”
  10. When you are prompted to pick your services only choose “OpenSSH Server”(we will add the others as needed)
  11. —lots of server thinking here—
  12. Choose yes to install the Boot loader
  13. Your base installation is finished!
  14. Reboot
  15. Login to server after reboot

Secure the Server

  1. Enable setup firewall
    sudo apt-get install ufw
sudo ufw enable
sudo ufw ufw status verbose
sudo ufw allow ssh
sudo ufw allow http
  2. Protect shared memory
    sudo vim /etc/fstab
    1. Add the following line to the document.
      tmpfs	/dev/shm	tmpfs	defaults,noexec,nosuid	0	0
  3. Protect SSH
    sudo vim /etc/sshd/sshd_config
    1. Change PermitRootLogin to NO
      PermitRootLogin	no
  4. Only allow admin users to use “su”
    1. Create an admin group
      sudo groupadd admin
  5. Add your self to the admin group
    sudo usermod -a -G admin jsmith
  6. Restrict access to /bin/su to admin group members
    sudo dpkg-statoverride –-update –add root admin 4750 /bin/su
  7. Check changed permissions
    ls -lh /bin/su
  8. Do not permit source routing of incoming packets
    sudo sysctl -w net.ipv4.conf.all.accept_source_route=0
    sudo sysctl -w net.ipv4.conf.default.accept_source_route=0
  9. Install DenyHosts to avoid ssh attacks
    sudo apt-get install denyhosts

Install Software

  1. Now we are going to install the required software for this headless virtual host to work.
    sudo vi /etc/apt/sources.list
    1. Add the following line to the bottom:
      deb http://download.virtualbox.org/virtualbox/debian precise contrib
  2. Then we download the VirtualBox public key…
    1. wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add -
  3. … and update our package database:
    1. sudo apt-get update
  4. Afterwards, we install VirtualBox 4.1 as follows:
    1. sudo apt-get install linux-headers-$(uname -r) build-essential virtualbox-4.1 dkms
  5. Starting with version 4.0, VirtualBox has introduced so called "extension packs" and has outsourced some functionality like remote desktop connection support (VRDP) that was part of VirtualBox packages before version 4.0 into these extension packs. Because we need remote desktop connections to control our virtual machines, we need to install the appropriate extension pack now. Go to http://www.virtualbox.org/wiki/Downloads, and you will find a link to the following extension pack:

VirtualBox 4.1.18 Oracle VM VirtualBox Extension Pack

Support for USB 2.0 devices, VirtualBox RDP and PXE boot for Intel cards.

  1. Download and install the extension pack as follows:
    1. cd /tmp
wget http://download.virtualbox.org/virtualbox/4.1.18/Oracle_VM_VirtualBox_Extension_Pack-4.1.18-78361.vbox-extpack
sudo VBoxManage extpack install Oracle_VM_VirtualBox_Extension_Pack-4.1.18-78361.vbox-extpack
  2. Now we must add the user that will run VirtualBox (jsmith in this example) to the vboxusers group:
    1. sudo adduser jsmith vboxusers

Install phpvirtualbox

  1. First create a system user called vbox and add it to the vboxusers group:
    1. sudo useradd -m vbox -G vboxusers
  2. Create a password for the vbox user:
    1. sudo passwd vbox
  3. Create the file /etc/default/virtualbox and put the line VBOXWEB_USER=vbox in it (so that the VirtualBox SOAP API which is called vboxwebsrv runs as the user vbox):
    1. sudo vim /etc/default/virtualbox
VBOXWEB_USER=vbox
    2. save and exit
  4. Next create the system startup links for vboxwebsrv and start it:
    1. sudo update-rc.d vboxweb-service defaults
sudo /etc/init.d/vboxweb-service start
  5. We need a web server with PHP support to serve phpvirtualbox - I'm using Apache2 here. Install Apache2 and PHP5 as follows:
  6. sudo apt-get install apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common apache2 apache2-doc apache2-suexec libapache2-mod-php5 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libapr1 php5-common php5-mysql php5-suhosin php-pear wget
  7. Restart Apache2:
    1. sudo service apache2 restart
  8. I want to serve phpvirtualbox from Apache's default virtual host with the document root /var/www (I will install it in /var/www/phpvirtualbox) - if you have a different document root, you must adjust the following steps:
    1. cd /var/www
sudo wget http://phpvirtualbox.googlecode.com/files/phpvirtualbox-4.1-11.zip
  9. Unzip phpvirtualbox and rename the phpvirtualbox-4.1-11 to phpvirtualbox for ease of use:
    1. sudo unzip phpvirtualbox-4.1-11.zip
sudo mv phpvirtualbox-4.1-11 phpvirtualbox
  10. Next go to the /var/www/phpvirtualbox/ directory…
    1. cd /var/www/phpvirtualbox/
  11. … and create the file config.php by copying it from config.php-example:
    1. sudo cp config.php-example config.php
  12. Open config.php and fill in the password you created earlier for the vbox system user:
    1. vi config.php
    2. [...]
/* Username / Password for system user that runs VirtualBox */
var $username = 'vbox';
var $password = 'secret';
[...]
  13. That's it already - you can now open a browser and access phpvirtualbox as follows:
    1. The default username is admin, the password is admin as well:
    2. http://test-vhost/phpvirtualbox/

Source

  • Last modified: 2018/02/25 01:18
  • by 127.0.0.1