VMware Cloud Community
moshker
Contributor
Contributor
Jump to solution

How to enable SSH on 3.5

Did I take crazy pills this morning? My ESX3.5 install doesn't seem to have a /etc/ss folder. I looked. I didn't see it. I'm trying to enable ssh access. I know this can be done through the gui by adding local users, but we have AD users I need to add ssh access for. How do we do this? When I setup 3.0.2 I just set "/etc/ss/sshd_config PermitRootLogin yes" and this did the trick for all the administrators, but I can't find that file this time. We use private/public keys and ask all the administrators to login using their own credentials, but yes, ssh for root is enabled, although I'm open to leaving it shut off if I can figure out how to enable ssh for AD users. Any help is appreciated.

Thanks,

Oscar

Reply
0 Kudos
1 Solution

Accepted Solutions
rossb2b
Hot Shot
Hot Shot
Jump to solution

On my 3.5 server ssh_config is in /etc/ssh

View solution in original post

Reply
0 Kudos
10 Replies
aguacero
Hot Shot
Hot Shot
Jump to solution

I've used Veeam's free product to enable root access. It eliminates the overhead of connecting to each esx hosts and modifyin the ssh file.

http://www.veeam.com/vmware-esx-server/root_access/

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!
Reply
0 Kudos
rossb2b
Hot Shot
Hot Shot
Jump to solution

On my 3.5 server ssh_config is in /etc/ssh

Reply
0 Kudos
rossb2b
Hot Shot
Hot Shot
Jump to solution

You may want to look at setting up sudo for your admins. You stated you want to grant root access to AD administrators. After configuring sudo you can have them authenticate from AD. To set this up you can do the following:

esxcfg-auth --enablead --addomain=domainname.com --addc=dcname.domainname.com

then add the users you want to be able to logon by adding them to the wheel group

useradd -G wheel username

The users will use AD account and password to logon and then use sudo instead of root to do their job: example

sudo /sbin/service mgmt-vmware restart

petedr
Virtuoso
Virtuoso
Jump to solution

In 3.5 it is still the same /etc/ssh/sshd_config then restart the service - service sshd restart

But as was suggested possibly setting up sudo for the admins may be a better way to go instead of enabling ssh for root. Or just have the admins ssh as their own account and then do a su - to switch to root.

www.thevirtualheadline.com www.liquidwarelabs.com
Reply
0 Kudos
philvirt
Hot Shot
Hot Shot
Jump to solution

Quick reminder - Don't forget to open the port on your ESX firewall.

Regards,

Fil

Thanks, phIL
moshker
Contributor
Contributor
Jump to solution

We do have sudo setup now, but for anyone to be able to ssh into the server you have to change the PermitRootLogin, right? Or is there some other place you enable ssh for non root accounts?

Beyond that I think I see what you are saying. I wonder if this is what our linux guy is doing after I turn the machine over to him. I've been configuring the ESX boxes, enabling ssh, and then letting the linux guy do his thing. We use sudo and private/public keys with our individual user accounts to work on the esx hosts after that. I got stumped because my notes were truncated and I was looking for an ss folder instead of the ssh folder! Doh!

Reply
0 Kudos
azn2kew
Champion
Champion
Jump to solution

but for anyone to be able to ssh into the server you have to change the PermitRootLogin, right?

This only pertains to root remote login capability. If you have the option "Yes" when you launched Putty than it wouldn't work. If you use Putty with regular account than it work but you neither have to use sudo or su - to take control.

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

Regards,

Stefan Nguyen

iGeek Systems LLC.

VMware, Citrix, Microsoft Consultant

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!! Regards, Stefan Nguyen VMware vExpert 2009 iGeek Systems Inc. VMware vExpert, VCP 3 & 4, VSP, VTSP, CCA, CCEA, CCNA, MCSA, EMCSE, EMCISA
Reply
0 Kudos
petedr
Virtuoso
Virtuoso
Jump to solution

The non-root accounts should be able to ssh to the host if they were created in the host directly. If you created them from the VI3 client then you need to 'Grant Shell Access' to the user.

Is the sshd daemon running. To check run.

service sshd status

www.thevirtualheadline.com www.liquidwarelabs.com
Reply
0 Kudos
jlewis0021
Contributor
Contributor
Jump to solution

I have ESXi 3.5 u3 setup and running on an HP DL380 G5 server. I have run the commands to enable SSH. However, even when restart the host, run the kill command or restart the services. I cannot connect to the server from Putty or WInscp. I simply type in the IP address of the host and select SSH and always get the network connection error.

Clearly something is not right. What's different with the commands to enable ssh and scp on ESXi3 u3??

Please assist.

Reply
0 Kudos
Dave_Mishchenko
Immortal
Immortal
Jump to solution

This is what you need to do for ESXi - http://www.vm-help.com/esx/esx3i/ESXi_enable_SSH.php.

Reply
0 Kudos