The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
SSH connection after upgrading to ESXi 5.0 fails with the auth.log error: Could not load host key (2010607)
After upgrading hosts from ESXi 4.1 to 5.0 and when using Private Keys, you cannot establish an SSH connection to the hosts
This issue occurs even though:
SSH is enabled on the hosts
SSH port 22 is accessible
No firewall is enabled
The /var/log/auth.log file displays these messages on the ESXi host:
sshd: error: Could not load host key: /etc/ssh/ssh_host_rsa_key
sshd: error: Could not load host key: /etc/ssh/ssh_host_dsa_key
sshd: Disabling protocol version 2. Could not load host key
sshd: sshd: no hostkeys available -- exiting.
login: pam_per_user: create_subrequest_handle(): doing map lookup for user "root"
login: pam_per_user: create_subrequest_handle(): creating new subrequest (user="root", service="system-auth-generic")
login: pam_unix(system-auth-generic:session): session opened for user root by (uid=0)
login: root login on 'char/tty/1'
To generate a new key pair::
- Access the ESXi host command line from the DCUI. For more information, see Using Tech Support Mode in ESXi 4.1 and ESXi 5.x (1017910).
- cd to /usr/lib/vmware/openssh/bin/.
- Run these commands:
# ./ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
# ./ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
Note: You are prompted for a passphrase. Passphrases are optional when generating SSH private keys. For more information, see Allowing SSH access to ESX hosts with public/private key authentication (1002866).
- Allowing SSH access to ESX hosts with public/private key authentication
- Using Tech Support Mode in ESXi 4.1 and ESXi 5.x
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.