How to Enable SSH on VMware ESXi

Introduction

Remote access to ESXi hosts is a must for maintaining and managing a VMware environment. Accessing ESXi shell is possible via SSH, for example, by using PuTTy as a Secure Shell client. However, this option is disabled by default to avoid security threats, such as brute force attacks.

Enabling SSH on VMware ESXi hosts is a straightforward task. You can complete this process in a few ways.

This guide will show you how to enable SSH on an ESXi server using Direct Console UI and vSphere Web Client. The steps work on version 6 and above.

How to Enable SSH guide heading image

Prerequisites

  • SSH client on the remote machine
  • Root access to the ESXi host
  • Admin account for the vSphere Web Client

How to Enable SSH on ESXi (3 methods)

If you receive the “Connection refused” error when trying to connect to your ESXi host, then SSH is disabled.

SSH connection refused error in Command Prompt

Choose a method and follow the steps below to enable SSH on ESXi.

Note: If you are a Bare Metal Cloud user, follow the DCUI or the vSphere Host method, as vCenter is not supported at the moment.

Method 1: Enable SSH on ESXi via DCUI (Direct Console User Interface)

To enable SSH access on an ESXi server using DCUI, follow these steps:

1. Load the DCUI screen and press F2 to log in. For example, Bare Metal Cloud customers use the Remote Console via the BMC portal.

DCUI start screen

2. Enter the root password.

DCUI authentication prompt

For phoenixNAP BMC servers, the root password appeared when you deployed your ESXi server.

Bare Metal Cloud Password for ESXi host.

The System Customization menu loads.

3. Navigate to Troubleshooting Options and hit Enter.

DCUI System Customization Menu

4. Navigate to Enable SSH and press Enter to enable the service.

DCUI enable ssh service option

When you enable SSH, the option in the menu changes and lets you know the service is enabled:

DCUI menu showing SSH enabled

Use the ESC key to go back to the DCUI main menu.

Note: There is a timeout set for your session. Make sure to edit the settings before the session exits to avoid multiple logins. Use the Modify DCUI Idle timeout option to increase the value.

Method 2: Enable SSH on ESXi Host via vSphere Web Client

This method uses the vSphere Web UI to log in to the ESXi host and enable SSH.

VMware ESXi

1. Select Manage in the navigator pane.

2. Click the Services tab on the right side.

3. Select the TSM-SSH entry on the list. The service status shows Stopped. (TSM stands for Tech Support Mode).

VMware ESXi host enable SSH screen

4. Click Start to start the SSH service.

ESXi host start ssh service window

Alternatively, you can enable SSH by selecting Host in the left navigator pane. Then:

1. Click Actions.

2. Select Services.

3. Click Enable Secure Shell (SSH)

ESXi host actions menu to start SSH service

Note: When your VMware host restarts, SSH disables automatically. This setting is the default behavior. Follow the steps below to enable SSH automatically after restart.

To start SSH after ESXi host restart:

1. Select the TSM-SSH entry on the list.

2. Click Actions – > Policy.

3. Choose Start and stop with host, and the SSH service will activate after every host restart.

ESXi actions menu to start SSH service automatically after restart

Method 3: Enable SSH on ESXi via vCenter

Non-BMC users can utilize the Web Client to log in to the vCenter instance and enable SSH.

vCenter login window

Once you log in, select the host and:

1. Navigate to the Configure tab. 

2. Scroll down and select Security Profile under the System section.

3. Locate the Services section and click the Edit button.

vCenter ESXi security profile screen

4. Locate and click the SSH entry on the list. Click Start to enable SSH.

vCenter ESXi edit security profile

If needed, you can edit the startup policy for the SSH service.

Test SSH ESXi Connection

Finally, when you enable SSH, open the SSH client and try to connect to your SSH host. Use the root user and try to log in.

If the SSH service is enabled, you will not get the Connection refused error. Instead, you successfully log in to the ESXi host.

ESXi ssh connection test

Conclusion

This guide showed you three options to enable SSH on ESXi. For Bare Metal Cloud users, either of the first two methods will work.

This process is straightforward but enables remote ESXi management, so caution should be at a high level. If you do not plan on using SSH for some time, you might want to disable the service following the same steps as when enabling it.

Read our article on how SSH works to learn more.

原创文章,作者:kepupublish,如若转载,请注明出处:https://blog.ytso.com/224579.html

(0)
上一篇 2022年1月7日
下一篇 2022年1月7日

相关推荐

发表回复

登录后才能评论