I am getting a few hosts that is getting the policy going back to off and running status stopped even after I start and set the policy to start and stop with host
any idea what is causing this?
I need to enable ssh on these hosts but something is stopping the service and turning htrp olicy off
Have you configured the following advanced option on the hosts (maybe because of vSphere Hardening, PCI-DSS or ISO 27001 compliance)?
UserVars.ESXiShellTimeOut
If this value is not 0, the ESXi shell and also SSH is disabled after x seconds.
I saw some servers have it set to 600
the only way to overide this is set it to 0 and start the ssh?
The advanced option "UserVars.ESXiShellTimeOut" defines after how many seconds a local or remote shell (and therefore also SSH) will be disabled. A value of 0 indicates that a shell will never be disabled and thus SSH service would run permanently.
But for security reasons it is not recommended to deactivate the shell timeout in production environments. Local and remote shells should only be started on demand.
If you still want to disable the timeout, stop SSH and the ESXi shell service, set this timeout value to 0, and then restart SSH and the ESXi shell service again.
actually I have hosts that have esxishelltimeout not set to 0 but I can still ssh to
but then another one thast is set and keeps turning ssh off. evcen before the timeout value has been reached
Hi in my case,
TSM SSH policy keeps the setting as start, stop with host eventhough I changed it to Manual start stop..
I have no clue how to revert back this policy setting.
Seems like this setting is overwritten in somewhereelse.