Table of contents
Related articles

No related posts found.

How to Enable SSH on VMware ESXi

enable vmware esxi

Having a robust system that consolidates hardware, boosts performance, streamlines administration, and enhances security can be a game changer. However, managing such a complex virtual environment can be a challenge.

VMware ESXi is often considered a reliable backbone for these systems, empowering users with the tools needed for greater flexibility and control.

Whether you’re a seasoned IT professional or a tech enthusiast, mastering VMware ESXi is an essential skill. One critical aspect of this mastery is enabling SSH, a powerful tool for secure, remote access to your servers. 

In this tutorial, we will discuss how to enable SSH on VMware ESXi. We will start with an introduction to VMware ESXi and then go into the details of enabling SSH on VMware ESXi. 

What is VMware ESXi?

VMware ESXi (Elastic Sky X Integrated) is a type-1 hypervisor developed by VMware that enables users to run multiple virtual machines (VMs) on a single physical server. These VMs share the resources of the server such as CPU, memory, storage, and networking during their operations.

ESXi installs directly on the server hardware, acting as an abstraction layer between the physical machine and the virtual machines. As a result, multiple VMs can coexist on the same hardware, each with its own virtualized resources like CPU, memory, disk space, and network connections.

ESXi improves virtual machine operational reliability and availability through its sophisticated features such as live migration, high availability, and disaster recovery. As such, it is a popular option for managing enterprise workloads since it supports numerous operating systems and applications.

How to Enable SSH on VMware ESXi?/h2>
Now that you have a basic understanding of VMware ESXi, let us discuss how to enable SSH on VMware ESXi. However, before that, let us take a quick look at the prerequisites. 

The Prerequisites

Before diving further, ensure you have the following.

  • An SSH client on the remote workstation
  • Root access to the ESXi host
  • An admin account for the vSphere Web Client

SSH (Secure Shell) allows users to remotely manage and configure the ESXi host, which can be particularly useful for advanced troubleshooting and automation tasks. 

Note that SSH, by default, is not enabled on VMware ESXi for security reasons. We recommend checking whether SSH is disabled by trying to connect to your ESXi host. The connection refused message indicates that SSH is disabled.

ssh connection resufal

Now that you know SSH is disabled, follow the steps below to enable SSH on VMware ESXi.

SSH can be enabled using the following two methods:

  • Use the Direct Console User Interface
  • Utilize the vSphere Web Client

Method #1: Use the Direct Console User Interface (DCUI)

Access the DCUI panel (press F2 during boot) or you can also use the Remote Console provided by your cloud service provider.

For instance, the customers of bare metal cloud can access the Remote Console through the BMC site.

dcui

Next, enter the root password.

require authetication

Once you have entered the root password, the system customization window opens. 

Select Troubleshooting Options and press Enter.

system customization

Navigate to Enable SSH and press Enter.

troubleshooting options

Once you press Enter, the service will be updated and the menu reflects the new status.

troubleshoot options with ssh support

Press ESC to return to the DCUI main menu.

Method #2: Use the vSphere Web Client

Let us now discuss the second method that uses the vSphere Web Client.

This method uses the vSphere Web UI to log in to the ESXi host and enable SSH.

If you are using a standalone ESXi host (or a free VMware Hypervisor), connect to its web interface.

vmware login window

Go to the navigator pane, and select Manage.

On the right side, select the Services tab.

Locate TSM-SSH (Technical Support Mode) in the list. The service state will likely be Stopped.

services tab in navigator pane

Click Start to launch the SSH service.

launch the ssh services

By default, the SSH service on an ESXi host will start and stop manually. 

We recommend you configure the SSH service to start automatically. 

To configure SSH, select TSM-SSH from the list. Under Actions, choose Policy.

Select Start and stop with host. This ensures the SSH service starts on every host reboot.

ssh start on reebot

SSH ESXi Connection Test

Now that you have enabled SSH, follow the steps below to verify the connection.

Open your SSH client. You can use PuTTY or the built-in terminal on macOS and Linux systems.

Next, enter the IP address of your ESXi host. This can be found in the ESXi host’s network settings. Next, authenticate using the root username and password. 

Next, establish a connection with your SSH host.

Note: We do not recommend using the root account for everyday tasks due to security risks. Consider creating a dedicated user with limited privileges for SSH access.

SSH is enabled if the Connection refused error is not displayed and you are able to log in to the ESXi host.

connection test

Conclusion

By now you have a basic understanding of how to activate SSH on ESXi. 

Although this technique is simple, caution should be exercised as it allows remote ESXi management. Use the same procedures as when enabling SSH to disable the service if you won’t use it for a while.

FAQs

Q. Why should I enable SSH on VMware ESXi?

SSH enables secure remote access to the ESXi host for troubleshooting, configuration, and automation tasks, making management more efficient.

Q. How can I enable SSH on my ESXi host using the vSphere Client?

Log in to the vSphere Client. Select the ESXi host. Go to Manage > Services.

Find and start the TSM-SSH service.

Q. How can I enable SSH using the Direct Console User Interface (DCUI)?

Access the DCUI on your ESXi host. Navigate to Troubleshooting Options. Enable ESXi Shell and SSH.

Q. How can I verify that SSH is enabled on my ESXi host?

You can verify SSH is enabled by checking the Services tab in the vSphere Client or by ensuring the SSH service status in the DCUI.

Q. How do I connect to my ESXi host using SSH?

Use an SSH client (like PuTTY) to establish a connection to the IP address of the ESXi host. Give the root username and password when requested.

Q. Is it safe to leave SSH enabled on my ESXi host?

For security reasons, disabling SSH when not in use is best. Only enable SSH when necessary and ensure your ESXi host is protected by strong passwords and firewalls.

Q. What should I do if I cannot connect to my ESXi host via SSH?

Verify that the SSH service is running. Ensure the ESXi host’s firewall allows SSH traffic. Check network connectivity between your SSH client and the ESXi host.

Q. Can I automate the process of enabling SSH on ESXi hosts?

Yes, you can use PowerCLI scripts to automate the enabling of SSH across multiple ESXi hosts.

Q. How do I disable SSH once I no longer need it?

Using the vSphere Client: Go to Manage > Services and stop the TSM-SSH service.

Using the DCUI: Navigate to Troubleshooting Options and disable SSH.

Q. What are the best practices for using SSH on ESXi?

Only activate SSH when necessary, make sure the root account password is strong and distinct, watch for any unwanted access attempts in the SSH access logs, and for more security, think about implementing key-based authentication.

Narendra

At Redswitches, Narendra works as a DC engineer full-time. He is in charge of Redswitches Asia DC, which is based in India. His area of expertise is server hardware. Rack and DC Operation resolving all OS-related concerns.

Related articles

Latest articles