Hi All,
Recently our security team asked for enabling ssh services on all esxi running in vcenter in different datacenter and cluster to scan authentication VA on each esxi.
This is bit of pain to go to every esxi and manually enable/disable ssh.We need help and solution from script we can achieve in single click.:-)
If we can get the script which will help us to enable & start ssh services on all esxi server & Once scanning is over, same service can be disable/stopped.
If someone has answer or script which is tested will be grateful him/her.
Thanks in advance.
HI,
For Single Host
Get-VMHost esxi | Get-AdvancedSetting -Name 'UserVars.ESXiShellInteractiveTimeOut' | Set-AdvancedSetting -Value "900" -Confirm:$false
For all the ESXi host
Get-VMHost | Get-AdvancedSetting -Name 'UserVars.ESXiShellInteractiveTimeOut' | Set-AdvancedSetting -Value "900" -Confirm:$false
Did you already check 1. Re: ESXi - Enable/disable SSH
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Hi ,
Please find the below commands
Start a Partucular ESXi host Service
> Get-VMHost esxi-01.test.com | Foreach { Start-VMHostService -HostService ($_ | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"}) -confirm:$false}
Key Label Policy Running Required
--- ----- ------ ------- --------
TSM-SSH SSH off True False
Start a Particular host Service all ESXi host
> Get-VMHost | Foreach { Start-VMHostService -HostService ($_ | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"}) -confirm:$false}
Stop a Partucular ESXi host Service
> Get-VMHost esxi-01.test.com | Foreach { Stop-VMHostService -HostService ($_ | Get-VMHostService | Where { $_.Key -eq "TSM-SSH"}) -Confirm:$false}
Key Label Policy Running Required
--- ----- ------ ------- --------
TSM-SSH SSH on False False
Reference # https://vmarena.blogspot.ae/2016/05/work-with-vsphere-power-cli.html
I would like to add one more steps
need to increase ssh timeout value to 300 second for all host in vcenter added
UserVars.ESXiShellTimeOut
# Set Remove UserVars.ESXiShellTimeOut to 900 on all hosts
Get-VMHost | Foreach { Set-VMHostAdvancedConfiguration -VMHost $_ -Name UserVars.ESXiShellTimeOut -Value 900 }
how to do i edit this to make final script
You mean like this?
Get-VMHost | %{
Set-VMHostAdvancedConfiguration -VMHost $_ -Name UserVars.ESXiShellTimeOut -Value 300 -Confirm:$false
Get-VMHostService -VMHost $_ | where{$_.Key -eq 'TSM-SSH'} | Start-VMHostService -Confirm:$false
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
As expected LuCD the one who is the first to anser 🙂 ...hats off to you
Due to busy scheduled today haven't yet tried the parameter given by you. Will check if works that coool. else You are there 🙂
thanks for one more time
regs
PS
HI,
For Single Host
Get-VMHost esxi | Get-AdvancedSetting -Name 'UserVars.ESXiShellInteractiveTimeOut' | Set-AdvancedSetting -Value "900" -Confirm:$false
For all the ESXi host
Get-VMHost | Get-AdvancedSetting -Name 'UserVars.ESXiShellInteractiveTimeOut' | Set-AdvancedSetting -Value "900" -Confirm:$false
Hi Raj
Its working perfectly can we get the out put result which runn on power cli screen. Will come to know which host failed and which host completed.