When you create a virtual machine with VMware Workstation, its execution is isolated from the host system.
However, everything you install and store in it will be stored in one or more vmdk files that represent the virtual hard disk of this virtual machine.
Since everything is stored in clear in these vmdk files, it's thus possible to read the contents of the hard disk of this virtual machine. For this, it's enough to map it from the settings of the virtual machine (Settings -> select the virtual hard disk to map -> Map). And of course you don't need the password of a user account in the guest OS.
To avoid this problem, VMware allows you to fully encrypt your virtual machine (its configuration and associated virtual hard disks).
From this moment, it will no longer be possible to map the virtual hard disk of this virtual machine on the host computer and you will need the password to use it.
Normally, vmdk files are readable by any program compatible with that format, and your virtual machine's configuration file is also accessible in plain text.
In VMware Workstation, when you select your virtual machine, you can do what you want with it at this time.
To encrypt your virtual machine, click "Edit virtual machine settings", then in the "Options" tab, select : Access Control.
Then, click Encrypt.
Specify a password to encrypt this virtual machine.
IMPORTANT : there is NO WAY to RECOVER this PASSWORD if you have lost it, because your data are encrypted with this password and it isn't a simple protection by password.
This means that without this password, it will be impossible to recover the data stored in the virtual hard disk(s) of this virtual machine. And data recovery software will not help you in this case.
Wait while encrypting your virtual machine (its configuration, virtual hard disks, ...).
Note : this process can take a long time depending on the size of your virtual machine and mainly depending on the actual size of the virtual hard disks associated with it.
Once the encryption process is complete, you will see : This virtual machine is encrypted.
From now, the configuration file of your virtual machine will no longer be readable from external programs, such as Notepad for example.
Indeed, all you will see will be :
If you close VMware Workstation (or your virtual machine's tab) and select it again, you will be prompted for a password.
Once you have entered the correct password, the virtual machine will be usable like any other virtual machine.
The only difference is that performance can be slightly altered due to encryption/decryption of data on the fly.
Indeed, although everything will be readable in the guest OS, all changes made in it will be encrypted on the fly in the virtual hard disk of your virtual machine.
From the moment the virtual machine (as well as its configuration) is encrypted, you will have the possibility to restrict access to the settings of the virtual machine.
You can therefore allow a user to use a virtual machine by giving him the password to use it, but while blocking access to the settings of it with a second password.
As indicated on the "VMware Workstation 16 Pro Release Notes" page of the VMware site, the restrictions that you could set on virtual machines are no longer available since version 16 of VMware Workstation.
You can also allow or not hot-plug USB devices to this virtual machine to prevent, for example, spreading viruses and it retrieves data from the virtual machine to store them directly on its USB key.
You can also automatically expire the virtual machine on a specific date if you wish.
If you click the "Advanced" button at the bottom right, you can also specify the message to display when the virtual machine has expired and specify which time server to contact to find out when the virtual machine will be expired.
By default, VMware Workstation will use the VMware Time Server : https://rvm.vmware.com
Once you have activated the restrictions, close the window and return to the settings of your virtual machine.
As you can see, the settings are no longer editable and an "Enter the restrictions password to access all settings" message appeared at the bottom.
Click on this button : Unlock All Settings.
Specify the password for the restrictions.
And you can change the settings of your virtual machine.
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2020 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.