Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides

Search the VMware Knowledge Base (KB)

View by Article ID

Configuring the ESX host firewall for SSH

This document guides you through configuring the ESX host firewall for SSH access.

To ensure that the SSH service is enabled in the ESX host firewall through the VMware Infrastructure/vSphere Client:

Log in to VirtualCenter/vCenter Server or directly to the ESX host with the vSphere Client as an administrative user.
Click the ESX host in the inventory.
Click the Configuration tab.
Click the Security Profile Link.
Review the Firewall properties and ensure that SSH Server is listed under Incoming Connections. If SSH Server is not listed:
1. Click Properties.
2. Select the SSH Server check box.
3. Click OK.
  
  Note: If you want to be able to use SSH from the ESX host, ensure that the SSH Client option is checked using the same steps as outlined above.

Alternatively to enable this from the ESX service console:

Log in to the ESX service console as root .
Type this command to determine if the sshServer port is enabled on the firewall:

[root@server]# esxcfg-firewall -q sshServer

Note: If you receive the error bash: esxcfg-firewall: command not found, execute:

su - and press Enter to try again.
Type this command to open the firewall port in case it is blocked:

[root@server]# esxcfg-firewall -e sshServer

Note: To close the SSH server port, type esxcfg-firewall -d sshServer.

Note: If you want to be able to use SSH from the ESX host, sshClient must be enabled using the same steps as outlined above.

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

1 2 3 4 5

1 2 3 4 5

Actions

Did this article help you?
This article resolved my issue. This article did not resolve my issue. This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)