New
#11
Hi there
@cereberus
On an older PC even with only MBR and BIOS you can get KVM and W11 to work with TPM emulator and UEFI sec boot.
The trick is to reduce the OS overhead -- KVM being a HYPERVISOR is very efficient in that regard. If you don't say install a GUI you can create the VM -- the easiest way is by "cheating" -- use a VM you've created with the virt-manager in a GUI and then copy the XML file !!.
This UBUNTU link from Google should enable you to set it up properly --- don't forget of course you'll also need package ovmf to enable sec boot and UEFI in the VM's virtual BIOS. Use the bottom bit "testing without a resource manager" for your Windows VM.
TPM/Testing - Ubuntu Wiki.
for OVMF on ubuntu :
How to install ovmf ubuntu package on Ubuntu 20.04/Ubuntu 18.04/Ubuntu 19.04/Ubuntu 16.04
some installations when starting the libvirt(d) service might error out on missing dmidecode --install that as well if needed -- you can check that the libvirt service is running -- as root / sudo : systemctl status libvirt (or on some distros it might be called libvirtd.
remote access to the VM is easily enough done via RDP from a Windows laptop or things like xrdp from a Linux desktop. You can logoff the host completely and still access the VM remotely.
Note though for VM->HOST communication you need to set up a macvtap NIC -- see previous notes on how to achieve that.
E.g filezilla from VM to HOST via sftp://192.168.254.1
for HOST>VM communication just use the VM's IP address.
VM has normal network access to rest of your LAN and standard Internet access.
When re-booting the HOST you can enable if you want the VM to start automatically. Ensure network services are started automatically on the HOST as well e.g systemctl enable NetworkManager (or whatever the network services are called on UBUNTU if that's what you are using.
This thing flies on an old Sony VAIO laptop -- doesn't even have USB3 ports -- but does have HDMI screen and decent (although a very old) i5 processor and I replaced the laptop HDD with an SSD.
Cheers
jimbo
Last edited by jimbo45; 08 Sep 2021 at 03:26. Reason: Added image of VM to Host communication
Yes, as a proof of concept, it gets you assured to meet the requirement.
But as of now, with W11 still in beta, you don't need the TPM in the VM as it will install without question.
There might be a VM detection during install.
So unless this requirement gets enforced in RTM, you can install W11 in VM without TPM.
Do correct me if I'm wrong, last time I installed from ISO (22000.100) it was working properly.
Hi there
@Hopachi
My view is that if running on a VM one should try and replicate the hardware requirements to prevent updates etc breaking it. It *Might* be possible to install without a VM but you certainly will need UEFI boot. Since also on both Linux and Windows Hosts TPM's can be emulated it seems a bit of a waste not to set them up.
remember also for HOST TO GUEST communication use the IP with the BLANK default gateway - not the physical IP address
so in this case the IP address to be used is NOT 192.168.1.187 but 192.168.254.104.
I've shown the other way around in a couple of posts back for GUEST TO HOST
(For the rest of a LAN the physical addr of the VM is acessible. The VM also has access to network and internet as usual).
It's a bit fiddly but easily enough done.
jimbo
Thanks for the details Jimbo.
I'll have to tweak more with networking on that regard.
True. It makes the solution bulletproof. And it runs as required. I'm not against it and I highly recommend this for the sake of compatibility.
In the more extreme cases / older hardware: My view is "if it works without it, don't add it" what would make the VM slighly lighter in resources and cpu usage for an older machine.
Not that this will be visible in performance but it's possible; the VM tends to get quite heavy for the older cpu's. So the less emulated hardware the better.
This I do with copy/paste, be it either in KVM and Hyper-V it works.remember also for HOST TO GUEST communication use the IP with the BLANK default gateway - not the physical IP address
This is more challenging. For me. As I haven't fiddled with FileZilla that way.I've shown the other way around in a couple of posts back for GUEST TO HOST
Yes, I'll have to try that out.
What I use now is usb / disk pass-through to get the data out.
My problem is I cannit work out how to install swtpm on unbuntu. Web shows lot of info but assume a deep knowledge of linux and it should not be that hard to do.
Check this:
TPM/Testing - Ubuntu Wiki
The important note below the page: official binary packages not available at the moment.
So not the most easiest in Ubuntu at the moment.
But still it can be done.
Add this ppa as shown here to be able to install:
swtpm : Scott Moser
Last edited by Hopachi; 08 Sep 2021 at 17:24. Reason: added note
Hi there
@cereberus
Check post a few back on installing tpm on ubuntu - the main thing for Linux users you need to be in "Super user" mode which means either run as root (type su from the terminal and enter a password) or if some distros don't allow root then use sudo.
to install a package on Linux - it's usually quite simple -- depending on the distro it's commands like pacman -S package, yum install package or probably on ubuntu (I don't usually run ubuntu as I stick to fedora and Arch Linux) it's apt-get install package.
So to install ovmf on ubuntu :
sudo apt-get install -y ovmf
same for swtpm, swtpm-tools and possibly dmidecode. For the KVM virtual machine manager it's probably on Ubuntu apt-get install virt-manager.
now re-boot and you are "good to go".
Note also in Linux most of the configuration files are text type files (with maybe the odd xml one or two) in directory /etc (under root which is '/'. These files can be edited with any file manager --even Windows notepad - or if you can handle a command type line editor use NANO or VIM.
The package manager will do any necessary compiling, "unzipping", configuration set up etc etc. Installing packages on Linux actually can be a lot less hassle than installing things in Windows !!!!!
Cheers
jimbo