Did I take crazy pills this morning? My ESX3.5 install doesn't seem to have a /etc/ss folder. I looked. I didn't see it. I'm trying to enable ssh access. I know this can be done through the gui by adding local users, but we have AD users I need to add ssh access for. How do we do this? When I setup 3.0.2 I just set "/etc/ss/sshd_config PermitRootLogin yes" and this did the trick for all the administrators, but I can't find that file this time. We use private/public keys and ask all the administrators to login using their own credentials, but yes, ssh for root is enabled, although I'm open to leaving it shut off if I can figure out how to enable ssh for AD users. Any help is appreciated.
Thanks,
Oscar
On my 3.5 server ssh_config is in /etc/ssh
I've used Veeam's free product to enable root access. It eliminates the overhead of connecting to each esx hosts and modifyin the ssh file.
http://www.veeam.com/vmware-esx-server/root_access/
If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!
On my 3.5 server ssh_config is in /etc/ssh
You may want to look at setting up sudo for your admins. You stated you want to grant root access to AD administrators. After configuring sudo you can have them authenticate from AD. To set this up you can do the following:
esxcfg-auth --enablead --addomain=domainname.com --addc=dcname.domainname.com
then add the users you want to be able to logon by adding them to the wheel group
useradd -G wheel username
The users will use AD account and password to logon and then use sudo instead of root to do their job: example
sudo /sbin/service mgmt-vmware restart
In 3.5 it is still the same /etc/ssh/sshd_config then restart the service - service sshd restart
But as was suggested possibly setting up sudo for the admins may be a better way to go instead of enabling ssh for root. Or just have the admins ssh as their own account and then do a su - to switch to root.
Quick reminder - Don't forget to open the port on your ESX firewall.
Regards,
Fil
We do have sudo setup now, but for anyone to be able to ssh into the server you have to change the PermitRootLogin, right? Or is there some other place you enable ssh for non root accounts?
Beyond that I think I see what you are saying. I wonder if this is what our linux guy is doing after I turn the machine over to him. I've been configuring the ESX boxes, enabling ssh, and then letting the linux guy do his thing. We use sudo and private/public keys with our individual user accounts to work on the esx hosts after that. I got stumped because my notes were truncated and I was looking for an ss folder instead of the ssh folder! Doh!
but for anyone to be able to ssh into the server you have to change the PermitRootLogin, right?
This only pertains to root remote login capability. If you have the option "Yes" when you launched Putty than it wouldn't work. If you use Putty with regular account than it work but you neither have to use sudo or su - to take control.
If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!
Regards,
Stefan Nguyen
iGeek Systems LLC.
VMware, Citrix, Microsoft Consultant
The non-root accounts should be able to ssh to the host if they were created in the host directly. If you created them from the VI3 client then you need to 'Grant Shell Access' to the user.
Is the sshd daemon running. To check run.
service sshd status
I have ESXi 3.5 u3 setup and running on an HP DL380 G5 server. I have run the commands to enable SSH. However, even when restart the host, run the kill command or restart the services. I cannot connect to the server from Putty or WInscp. I simply type in the IP address of the host and select SSH and always get the network connection error.
Clearly something is not right. What's different with the commands to enable ssh and scp on ESXi3 u3??
Please assist.
This is what you need to do for ESXi - http://www.vm-help.com/esx/esx3i/ESXi_enable_SSH.php.