By design, uniquely identifying a virtual machine is difficult; anything that allowed you to uniquely identify it would imply that it was not fully virtual (because cloning a virtual machine should produce an identical machine).

按照设计，唯一标识虚拟机很困难；任何允许您唯一标识它的东西都意味着它不是完​​全虚拟的（因为克隆虚拟机应该产生相同的机器）。

1. Create a heartbeat application on the host machine that communicates with the VM via a loopback network adapter.
2. Have the heartbeat application refuse to run if it is not able to uniquely identify the host machine.
3. Have the main application refuse to run if the heartbeat application is not running.

1. 在主机上创建一个心跳应用程序，通过环回网络适配器与 VM 通信。
2. 如果心跳应用程序不能唯一标识主机，则让心跳应用程序拒绝运行。
3. 如果心跳应用程序未运行，则让主应用程序拒绝运行。

You will need to find a way to ensure that the heartbeat application cannot be spoofed too easily.

您需要找到一种方法来确保心跳应用程序不会被轻易欺骗。

It is not possible to protect the terminal program 100%. This question is equivalent to trying to prevent software piracy.

无法100% 保护终端程序。这个问题相当于试图防止软件盗版。

The best thing I've found is the BIOS UUID - but it's far from perfect for your use case.

我发现的最好的东西是 BIOS UUID - 但它对于您的用例来说远非完美。

The SMBIOS UUID available inside the VM is also used by the VMware hypervisor and management tools as VirtualMachine.config.uuid (See: the uuid property on this page). This means it is guaranteed to be unique on a particular host, or in a particular vCenter. However, it can be duplicated on separate hosts or separate vCenter installations.

VM 内可用的 SMBIOS UUID 也被 VMware 管理程序和管理工具用作 VirtualMachine.config.uuid（请参阅：本页上的 uuid 属性）。这意味着它可以保证在特定主机或特定 vCenter 中是唯一的。但是，它可以在单独的主机或单独的 vCenter 安装上复制。

Also, the BIOS UUID on a virtual machine is mutable. It can be changed through the API (though not easily through the client).

此外，虚拟机上的 BIOS UUID 是可变的。它可以通过 API 进行更改（尽管通过客户端不容易）。

This probably approaches your 95% mark, as it would take some special effort and setup to duplicate the VM exactly.

这可能接近您的 95% 标记，因为需要一些特殊的努力和设置才能完全复制 VM。

However, from a virtualization-enablement perspective (including things like VM disaster recovery, and future upgrades of virtualization software): using a hardware ID like the UUID or MAC address causes all sorts of problems. When they want to rev the OS version underneath your software, usually by creating a new virtual machine, they would need to manually edit the VM config for both servers to change the UUID to match. Using the MAC, if they change the network architecture, your software requires that VM to be a special case. These things just cause headaches for a virtual admin (but they might be the exact headaches you're trying to cause - only you know for sure).

然而，从支持虚拟化的角度来看（包括虚拟机灾难恢复和虚拟化软件的未来升级）：使用像 UUID 或 MAC 地址这样的硬件 ID 会导致各种各样的问题。当他们想要在你的软件下修改操作系统版本时，通常是通过创建一个新的虚拟机，他们需要手动编辑两个服务器的 VM 配置以更改 UUID 以匹配。使用 MAC，如果他们改变了网络架构，你的软件需要那个 VM 是一个特例。这些事情只会让虚拟管理员头疼（但它们可能正是您想要引起的头疼问题——只有您确定）。

I'd recommend using the permissions-based approach you mention, or even a concurrent-licensing server if necessary. But I'm coming from a heavily-virtual background where hardware-tied licenses are a headache already.

我建议使用您提到的基于权限的方法，甚至在必要时使用并发许可服务器。但我来自高度虚拟的背景，硬件绑定许可证已经是一个令人头疼的问题。

Simplest solution is to use the mac address, but note that it is easily changed on Windows by editing the registry. I'd say less than 5% of people know how to do that though.

最简单的解决方案是使用 mac 地址，但请注意，在 Windows 上通过编辑注册表可以轻松更改它。我会说只有不到 5% 的人知道如何做到这一点。

Here's how to get the mac address in C#:

C#获取mac地址的方法如下：

System.Net.NetworkInformation.NetworkInterface.GetPhysicalAddress();

You can tie the license to the MAC address of the network card (or cards, if there are several).

您可以将许可证绑定到网卡（或网卡，如果有多个）的 MAC 地址。

Of course, changing the network card would then stop your software from working.

当然，更改网卡会导致您的软件停止工作。

If/When TPMbecomes standard on servers, you should be able to use it to authenticate the server.

如果/当TPM在服务器上成为标准时，您应该能够使用它来验证服务器。

You can get the PC's MAC Address as shown here: http://www.java2s.com/Code/CSharp/Network/GetMacAddress.htm

您可以获得 PC 的 MAC 地址，如下所示：http: //www.java2s.com/Code/CSharp/Network/GetMacAddress.htm

Of course, this approach is not without flaws. There are other approaches listed in this post, which is similar, but not an exact duplicate: What's a good way to uniquely identify a computer?

当然，这种方法也不是没有缺陷。这篇文章中还列出了其他类似但不完全相同的方法：唯一标识计算机的好方法是什么？

expanding on the macaddress approach. you could use the macaddress with an md5 function around it with a SALTthat was only known to the system owners. this way, the macaddress is useless without knowing the SALT.

扩展 macaddress 方法。你可以使用带有 md5 函数的 macaddress 和一个只有系统所有者知道的SALT。这样，macaddress 在不知道SALT 的情况下是无用的。

just my tuppence worth.. :)

只是我的 tuppence 值得.. :)

[edit] - see also here for c# example on hashing/salting etc:

[编辑] - 另请参阅此处有关散列/加盐等的 c# 示例：

MD5 hash with salt for keeping password in DB in C#

带有盐的 MD5 哈希值，用于在 C# 中将密码保存在 DB 中

http://www.obviex.com/samples/hash.aspx

http://www.obviex.com/samples/hash.aspx

If you want 95% I'd go with the Mac ID- it can be spoofed, but by default is unique for the machine.

如果您想要 95%，我会使用Mac ID- 它可以被欺骗，但默认情况下对于机器来说是唯一的。