Securing VMware vSphere - Mastering VMware vSphere 5.5 - page 443

Information Technology Reference

In-Depth Information

Controlling Remote CLI Access via SSH

Secure Shell, often referred to just as SSH, is a widely known and widely used encrypted remote

console protocol. SSH was originally developed in 1995 to replace other protocols, such as tel-

net, rsh, and rlogin, that did not provide strong authentication and did not protect against

password-snifi ng attacks on the network. SSH gained rapid adoption, and the SSH-2 protocol is

now a proposed Internet standard with the Internet Engineering Task Force (IETF).

ESXi includes SSH as a method of remote console access. This allows vSphere administra-

tors to use an SSH client, such as PuTTY.exe on Windows or OpenSSH on Linux or Mac OS X,

to remotely access the CLI of an ESXi host in order to perform management tasks. However, as

with the ESXi Shell, SSH access to an ESXi host is disabled by default. To gain remote CLI access

to an ESXi host via SSH, you must i rst enable the ESXi Shell and enable SSH. You've already

seen how to enable the ESXi Shell; now we'll show you how to enable SSH, both via the DCUI

and via the vSphere Client.

Perform the following steps to enable SSH via the DCUI:

1. Access the console of the ESXi host using the physical server console or some KVM mech-

anism (many server vendors provide remote console functionality).

2. Press F2 to log into the DCUI. When prompted for username and password, supply a

username and password with permission to access the DCUI (this user must have the

Administrator role for this ESXi host).

3. Navigate down to Troubleshooting Options and press Enter.

4. Select Enable SSH. This enables the SSH server (or daemon) on the ESXi host.

5. Press Esc until you return to the main DCUI screen.

Perform these steps to enable SSH via the vSphere Client:

1. Connect to the ESXi host using the vSphere Client.

2. Select the ESXi host in the inventory and click the Coni guration tab.

3. From the Software section, select Security Proi le.

4. Click the Properties hyperlink near Services.

This opens the Services Properties dialog box.

5. Select SSH from the list of services; then click Options.

6. Click Start.

7. Click OK to return to the Services Properties dialog box.

The status for SSH should now be listed as Running.

8. Click OK to return to the vSphere Client. You can now use PuTTY.exe (Windows) or

OpenSSH (Mac OS X, Linux, and other Unix variants) to establish an SSH session to the

ESXi host.

Next Page

Mastering VMware vSphere 5.5

Search WWH ::

Custom Search

Home