Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

Changing the port used by SSH on an ESXi 5.0 host (2011818)

Purpose

Some environments have requirements for the ports utilized by a particular service. This article provides steps to allow ESXi 5.0 use a different port for SSH.

Resolution

When making modifications, they are not normally persistent across reboots. You need a place holder to copy the files to at boot time. For example, a VMFS volume can be used.

To modify the port used for SSH:

  1. Open the required firewall ports. For more information, see User defined xml firewall configurations are not persistent across ESXi host reboots (2007381).

    This example shows a rule set .xml file to open TCP, port 2222:

    <ConfigRoot>
    <service>
    <id>SSH 2222</id>
    <rule id = '0000'>
    <direction>inbound</direction>
    <protocol>tcp</protocol>
    <porttype>dst</porttype>
    <port>2222</port>
    </rule>
    <enabled>true</enabled>
    <required>false</required>
    </service>
    </ConfigRoot>


  2. Copy /etc/services to permanent storage (it can be on the same location as the firewall rules are stored, such as /vmfs/volumes/datastore1/hostname_etc/).
  3. Edit the copy of services on permanent storage and change the port for SSH.

    ssh 2222/tcp # SSH Remote Login Protocol
    ssh 2222/udp # SSH Remote Login Protocol


  4. Edit /etc/rc.local so the created files are copied back to host at boot time. Add lines to the end of the file, for example:

    #Copy the new firewall rule from vmfs place holder to file system
    cp /vmfs/volumes/datastore1/etc/ssh_2222.xml /etc/vmware/firewall/
    #refresh firewall rules
    esxcli network firewall refresh
    #Copy the modified services file from vmfs place holder to file system
    cp /vmfs/volumes/datastore1/etc/services /etc/services
    #Restart inetd to get the changes
    kill -HUP `cat /var/run/inetd.pid`


  5. Reboot the host, and attempt to connect to the host on the chosen port to verify that the changes were successful.

See Also

Update History

06/05/2013 - Updated the copy command for modified services file.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 1 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 1 Ratings
Actions
KB: