Virtualization Pro

Nov 5 2007   9:10PM GMT

How to allow the root user to log in to VMware ESX Server with SSH

David Davis David Davis Profile: David Davis

Tags:
IMAP4

Let’s say that you just installed a new VMware ESX server. You tried to add SSH to it and log in as root. What happened?

It didn’t work, did it?

The firewall allows it, right? You can log in to the physical server console with the same username and password, right? But it still doesn’t work, does it?

Let’s find out how to fix it….

To allow the root user to log in to a VMware ESX Server over the network using SSH, do the following:

  1. Go to the service console on the physical server and log in
  2. vi /etc/ssh/sshd_config
  3. Change the line that says PermitRootLogin from “no” to “yes”
  4. Do service sshd restart

And your problem is solved…

No need to thank me, just subscribe to our Virtualization Pro blog instead! :)

David Davis, VCP, CCIE

Personal Website: HappyRouter.com
VMware Videos by David Davis:
VMware Server & Workstation
VMware ESX Server

7  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Rick Vanover
    This also enables SFTP - you can use your FTP client that supports file transfer over SSH to move stuff to the filesystem of the ESX server.
    0 pointsBadges:
    report
  • David Davis
    Very true - Great point - Thanks Rick! -David
    155 pointsBadges:
    report
  • Slowe
    David, I'm sure it goes without saying that allowing root logins via SSH is not considered a security best practice, but this is helpful information for users not familiar with SSH configuration. Over the long term, I imagine you would agree that users should create non-privileged accounts to use with SSH, then use su or sudo once they have logged into the console.
    0 pointsBadges:
    report
  • David Davis
    Hi SLowe, I completely agree - the proper way is to login as yourself then su to root. Great point! Thanks for the comment, David
    155 pointsBadges:
    report
  • David Davis
    [...] This, of course, is excepted when VMWare documentation gives Linux commands to perform tasks, David Davis’ recent blog on enabling SSH and SFTP on ESX is a good example.  By removing that layer, the ESX product is more aligned to what it needs to do [...]
    0 pointsBadges:
    report
  • MarcB
    Hi David, I am giving training on ESX and I have found RootAccess from Veeam.com to be a compromise (sort of speak). It is an easy, free and light Windows tool and it can toggle PermitRootLogin if necessary but mostly it eases the creation of users. My students now have no excuse to maintain good audit pratices.
    0 pointsBadges:
    report
  • David Davis
    [...] Installing the console plug-in is straight forward from the ConsoleClientSetup-0.1.5.msi and it is easily added from the plug-ins menu in the VIC. Once added, each ESX host in your inventory will have a new tab called Console that performs in a similar fashion that the Console tab does for virtual machines. The difference is that authentication to the ESX host is passed through the plug-in. This requires that SSH be enabled on the ESX host, and should you wish to use the root login there is a slight configuration to enable root SSH access which is explained here on the ITKE by David Davis. [...]
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: