Enable ESX remote ssh root access

Published August 4, 2007 | By Rich Brambley

If you are getting an error trying to remotely connect to an ESX host via ssh it is because root ssh access is disabled by default. Therefore winscp, putty, or any other remote console tool will fail.

These steps are taken from the VMware Partner Plan and Design toolkit document tilted “VI Assembly and Configuration Guide” written by Pang Chen. Here are the steps necessary to enable root to have ssh remote access.

Step 1a – Enable remote ssh root access

Modify the PermitRootLogin flag to yes in the /etc/sshd/sshd_config file to allow root remote login.

# perl -spi -e ‘s|PermitRootLogin no|PermitRootLogin yes|’ /etc/ssh/sshd_config

Step 1b – Enable remote ssh root accessConfirm change.The value should illustrate yes, with no hash mark prior to the flag.

# grep ‘PermitRootLogin’ /etc/ssh/sshd_config

PermitRootLogin yes

Step 1c – Enable remote ssh root access

Restart the sshd service:

# service sshd restart

Changing NTP Server in ESX 3.5 fails with error “failed to change host configuration” (11)
I ran into another ESX configuration issue this week that seems to continue to hang around even though it was identified quite a long time ago. After a fresh install of two different ESX 3.5 Update 2 ...
How to use APC Powerchute to shutdown ESX 3.x (17)
Stefanschuller.com has a great post on getting APC Powerchute to work correctly with ESX servers. "APC has a guide on how to do this but it doesn’t totally cover the installation for VMware ESX 3.0.x...
Identify ESX Server Switch Ports Without Tracing Cables (10)
If you've ever had to manually trace the cables from servers to network switches in a rack you probably were not very happy about it. In fact, if you've ever had to trace 10 cables from each ESX host ...
Modify VirtualCenter and ESX web interface to prevent VI Client downloads (7)
VMware's VI Client is the remote management tool for VirtualCenter Server, ESX hosts, and Virtual Machines. In a default installation of VI 3.5 it can be downloaded without user authentication from th...
Best Practices for ESX Host Partitions (33)
Installing ESX is fast and simple. By default you could click through the installer GUI changing only your local time zone and end up with a stable, dependable host. However, there are some recommende...
Don’t Hit Ctrl+Alt+Del On the ESX 4 Console (14)
As reported on vreference.com, there is a dangerous default in ESX 4. Before I expand on this potential problem I want to point out that a bug report has been files with VMware for correcting this in ...
How to get ESX Host and Virtual Machine Disk I/O Stats (2)
How to use VC to get ESX Host and VM Disk I/O Stats Using the VI Client Connect the VI Client to VirtualCenter Select an ESX host in the object tree on the left Click the Performance tab...
Designing ESX Resource Pools (13)
How do you design resource pools in an ESX Cluster? There are two strategies that are the most popular in my experience. The first strategy creates resource pools based on CPU and Memory shares for ho...
How to Backup VMware ESX Servers (22)
The subject of backing up ESX hosts for disaster recovery comes up from time to time, but not nearly as often as backing up the virtual machines. To be specific, I am talking about backing up the ESX ...
Use the VI Client Datastore Browser to Upload Files to ESX Hosts (83)
Using the VI Client Datastore Browser to Upload Files to ESX Hosts Running the latest version of ESX3.5 enables a lot of usability enhancements in the VI Client. Many of the administrati...

Posted in vmware | Tagged esx, how to, putty, ssh, vmware, winscp

Pingback: Use the VI Client Datastore Browser to Upload Files to ESX Hosts | VM /ETC
http://www.kreslavsky.com/2008/11/vmware-esx-post-install-tips-part-1.html SSH

You can use scripts

For SSH
f ! ( grep “PermitRootLogin yes” /etc/ssh/sshd_config > /dev/null 2>&1 ); then
sed -e ’s,PermitRootLogin no,PermitRootLogin yes,g’
/etc/ssh/sshd_config > /tmp/sshd_config && sync
cp -f /tmp/sshd_config /etc/ssh/sshd_config
echo “-I- SSH Root Login enabled”
else
echo “-I- SSH Root Login already enabled”

For Firewall issue

esxcfg-firewall -e nfsClient

chkconfig firewall off > /dev/null 2>&1
chkconfig iptables off > /dev/null 2>&1
chkconfig –level 3 portmap on > /dev/null 2>&1
chkconfig –level 3 netfs on > /dev/null 2>&1
chkconfig –level 3 vmware on > /dev/null 2>&1
chkconfig –level 3 vmware-late on > /dev/null 2>&1
chkconfig –level 3 mgmt-vmware on > /dev/null 2>&1

Taken from http://www.kreslavsky.com
http://www.kreslavsky.com/2008/11/vmware-esx-post-install-tips-part-1.html SSH

You can use scripts

For SSH
f ! ( grep “PermitRootLogin yes” /etc/ssh/sshd_config > /dev/null 2>&1 ); then
sed -e ’s,PermitRootLogin no,PermitRootLogin yes,g’ \
/etc/ssh/sshd_config > /tmp/sshd_config && sync
\cp -f /tmp/sshd_config /etc/ssh/sshd_config
echo “-I- SSH Root Login enabled”
else
echo “-I- SSH Root Login already enabled”

For Firewall issue

esxcfg-firewall -e nfsClient

chkconfig firewall off > /dev/null 2>&1
chkconfig iptables off > /dev/null 2>&1
chkconfig –level 3 portmap on > /dev/null 2>&1
chkconfig –level 3 netfs on > /dev/null 2>&1
chkconfig –level 3 vmware on > /dev/null 2>&1
chkconfig –level 3 vmware-late on > /dev/null 2>&1
chkconfig –level 3 mgmt-vmware on > /dev/null 2>&1

Taken from http://www.kreslavsky.com
Pingback: Enable ESX remote ssh root access « My Blog

Enable ESX remote ssh root access

Step 1a – Enable remote ssh root access

Step 1c – Enable remote ssh root access

Related Posts