VMware
 

Knowledge Base

Search the Knowledge Base:
Products:
Search In:
 

Enabling root SSH login on an ESX host

Details

This article provides steps to use SSH to login to an ESX host as the root user.

Solution

 
Since ESX 3.0, for increased security, SSH is disabled by default for the root account on an ESX host. That is, the actual sshd service does not allow root logins. Non-root users are able to login with SSH. This is another layer of protection in addition to the host firewall.

Note: Each SSH connection to an ESX host uses additional Service Console resources. Use caution when using scripts or third party software that create multiple SSH sessions to the ESX Service Console. Excessive use of SSH on an ESX machine may cause the service console to exhibit symptoms of memory exhaustion.

To enable root login for SSH and SCP clients:

  1. If you have physical access to the ESX host, login to the console of your ESX host as the root user .

    If you can only connect to the ESX host over the network, connect using an SSH client (such as PuTTY) and log in as a user other than root. After you are logged in, switch to the root user with the following command:

    su -

    Note: If you do not have any other users on the ESX host, you can create a new user by connecting directly to the ESX host with VMware Infrastructure (VI) or vSphere Client. Go to the Users & Groups tab, right-click on the Users list and select Add to open the Add New User dialog. Ensure the Grant shell access to this user option is selected. These options are only available when connecting to the ESX host directly. They are not available if connecting to vCenter Server.
     
  2. Edit the configuration file for SSH with the following command:

    nano /etc/ssh/sshd_config
     
  3. Find the line that starts with PermitRootLogin and change the no to yes. You can find this line about 2 pages down from the top. Save the file by first pressing Ctrl-O and then Enter. Exit with Ctrl-X.
     
  4. Restart the sshd service with the command:

    service sshd restart

    Note: Alternatively, use the command:

    /etc/init.d/sshd restart

Feedback

Rate this article:
(19 Ratings)

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
Email address (optional)
Submit
Rate this article:
(19 Ratings)
Actions
  • KB Article: 8375637
  • Updated: Dec 22, 2009
  • Tags
    How to
  • Products:
    VMware ESX
  • Product Versions:
    VMware ESX 3.0.x
    VMware ESX 3.5.x
    VMware ESX 4.0.x