Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
Search the VMware Knowledge Base (KB)   View by Article ID

Allowing SSH access to ESXi/ESX hosts with public/private key authentication (1002866)


This article provides steps to allow SSH access to ESXi/ESX hosts with public/private key authentication rather than with username/password authentication.


To allow SSH access to ESXi/ESX hosts with public/private key authentication:

  1. Generate public/private keys. For detailed instructions, see the OpenBSD Reference Manual section in the OpenBSD.

    • These instructions generate two files in ~/.ssh: id_rsa and
    • In ESXi 5.x, the ssh-keygen command is located at /usr/lib/vmware/openssh/bin.
    • The preceding link was valid as of November 26, 2013. If you find the link to be broken, provide feedback on the article and a VMware employee will update the article as necessary.

  2. On the remote host, store the public key content, in ~/.ssh/authorized_keys.

    • For ESXi 5.x and 6.0, the location of authorized_keys is: /etc/ssh/keys-<username>/authorized_keys
    • More than one key can be stored in this file.

  3. To allow root access, change PermitRootLogin no to PermitRootLogin yes in the /etc/ssh/sshd_config file.
  4. To disable password login, ensure that ChallengeResponseAuthentication and PasswordAuthentication are set to no.
  5. Reload the service:

    • For ESXi, run the command:

      /etc/init.d/SSH restart

    • For ESX, run the command:

      service sshd reload
For alternative solutions and more information on SSH, see Uploading an SSH Key to Your ESXi Host section in the VMware vSphere 5.5 documentation Center.

Additional Information

For translated versions of this article, see:
简体中文: 允许使用公钥/私钥身份验证对 ESXi/ESX 主机进行 SSH 访问 (2086205)

Update History

09/05/2012 - Added location of authorized_keys for ESXi5.0 03/20/2013 - Added location path for ssh-keygen command in 5.x 07/11/2013 - Added ESXi command to reload the service

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.


  • 48 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 48 Ratings