Home News Enable ESX remote ssh root access

Enable ESX remote ssh root access

by Roger Lund

Today I needed to login to my ESX Eval as root, so I ssh’d in, and got a access denied.

After a good search, I Found this Article on http://vmetc.com titled : Enable ESX remote ssh root access ( http://vmetc.com/2007/08/04/enable-esx-remote-ssh-root-access/ )


Enable ESX remote ssh root access

If you are getting an error trying to remotely connect to an ESX host via ssh it is because root ssh access is disabled by default. Therefore winscp, putty, or any other remote console tool will fail.

These steps are taken from the VMware Partner Plan and Design toolkit document tilted “VI Assembly and Configuration Guide” written by Pang Chen. Here are the steps necessary to enable root to have ssh remote access.

Step 1a – Enable remote ssh root access

Modify the PermitRootLogin flag to yes in the /etc/sshd/sshd_config file to allow root remote login.

# perl -spi -e ‘s|PermitRootLogin no|PermitRootLogin yes|’ /etc/ssh/sshd_config
Step 1b – Enable remote ssh root accessConfirm change.The value should illustrate yes, with no hash mark prior to the flag.

# grep ‘PermitRootLogin’ /etc/ssh/sshd_config

PermitRootLogin yes

#
Step 1c – Enable remote ssh root access

Restart the sshd service:

# service sshd restart

Taken From http://vmetc.com/2007/08/04/enable-esx-remote-ssh-root-access/

Now, what if I didn’t need or want to access the box as root, but I wanted to access it with root rights?

To do this, I logon to the Infrastructure Client, Click Users & Groups
Under users I right click, and click add
Type in a Login name and User name ( I left UID blank for the system to assign )
Enter a password
Check Grant Shell Access to this User, and click ok
Click groups
And double click on root
Under username type root, and click ok.

This allowed me to login as my new user name via ssh.

To get root access I typed su, and entered the root password.

UPDATE: you must do su -l to get the ability to use all of the console commands.

Comments? Let me know thoughts on which method is better, or if there is a better way.

You may also like