Logging into SSH required in some of the common troubleshooting scenario or fetching information: ie checking logs, telnet, ping, esxtop etc, Although subject title of this blog is mentioned Powercli, but I am showing all ways to enable SSH service on esxi including GUI as well, By default SSH server service is disabled on ESXi, VMware recommends the same for security best practices reason. For more on Esxi hardening follow this official guides. Whenever you need to login into Esxi directly through SSH (putty), this service (daemon) can be enabled using one of the method VMWare web client.
Select Esxi server, go to Configure tab on the right side, collapse System and click Security Profile, here all required services are listed, SSH is is stopped. Press Edit button,
In Edit Security Profile, select SSH daemon, service name from the list, down below expand Service Details, under status click Start button, and status will change to running. below screenshot is after starting service. Same procedure is used to stop it. Three types of startup policy exist.
Start and stop with host: If service is running it will start automatically once host is restarted. Same with if service is stopped, service status will persist with ESXi reboot.
Start and stop manually: This is self explanatory. service need to manually start or stop depending on status, Once Esxi is rebooted, service will be stopped.
Start and stop with port usage: Start automatically if any ports are open, and stop when all ports are closed
Port status can be checked using withing Esxi firewall itself, make sure SSH port number 22 is open (by default it is open), If you are not able to putty also check physical firewall. Under Secure shell there are 2 option SSH server and SSH client. Server is esxi and used to connect. Client is once logged onto esxi you can use it as client to connect remote servers.
Next open putty and login to server and test server.
In this next tutorial I am using VMWare Powercli for starting and stopping SSH server, for Configuring and installing Powercli check my previous article VMWARE VSPHERE POWERCLI INSTALLATION AND CONFIGURATION STEP BY STEP.
Once logged onto vcenter or esxi successfully. I will check the the status of TSM-SSH service on Esxi Server, In my case it is not running and says false.
Get-VMHostService -VMHost esxi001.vcloud-lab.com | Where-Object {$_.Key -eq 'TSM-SSH'}
To start it use this one-liner powercli command.
Get-VMHostService -VMHost esxi001.vcloud-lab.com | Where-Object {$_.Key -eq 'TSM-SSH'} | Start-VMHostService -Confirm:$false
It is my daily task to login to esxi for troubleshooting or getting information, and each time I don't want to run above long one liner commands, Instead for my preference I have created below functions and copied it in powershell profiles. Profiles are startup script, whenever you open new powershell console by default it will execute those profile script and save in console memory. Run command $PROFILE to know the the profile file path. For ISE this path is different.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
function Start-SSHService { [CmdletBinding()] ##################################### ## http://vcloud-lab.com ## Version: 1 ## Tested this script on successfully ## 1) Powershell v3 ## 2) Windows 7 ## 3) vSphere 5.5 (vcenter, esxi, powercli) ##################################### Param ( [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, Position=0)] [ValidateNotNullOrEmpty()] [Alias("Name")] [string]$VMHost ) begin {} Process { $AllServices = Get-VMHostService -VMHost $VMHost $SShService = $AllServices | Where-Object {$_.Key -eq 'TSM-SSH'} if ($SShService.running -eq $false) { $SShService | Start-VMHostService -confirm:$false } else { Write-Host -BackgroundColor DarkGreen -Object "SSH service on $VMHost is already running" } } end {} } function Stop-SSHService { ##################################### ## http://vcloud-lab.com ## Version: 1 ## Tested this script on successfully ## 1) Powershell v3 ## 2) Windows 7 ## 3) vSphere 5.5 (vcenter, esxi, powercli) ##################################### [CmdletBinding()] Param ( [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true, Position=0)] [ValidateNotNullOrEmpty()] [Alias("Name")] [string]$VMHost ) begin {} Process { $AllServices = Get-VMHostService -vmhost $VMHost $SShService = $AllServices | Where-Object {$_.Key -eq 'TSM-SSH'} if ($SShService.running -eq $true) { $SShService | Stop-VMHostService -confirm:$false } else { Write-Host -BackgroundColor darkGreen -Object "SSH service on $VMHost is already stopped" } } end {} } |
Once Profiles are loaded or opened powershell, I can simply run below oneliner smaller commands to do their jobs.
Start-SSHService -VMHost Esxi001.vcloud-lab.com #To start service
Stop-SSHService -VMHost Esxi001.vcloud-lab.com #To stop service
This is third technique you can use to enable or disable SSH service as well as esxi shell. Login to DCUI (Direct console user interface), This is accessible when in front of the server physically or through medium of remote console ie Dell Rac., log in into pressing F2 button.
Scroll to Troubleshooting Options, go to enable SSH hit enter to change it, It will either enable or disable according to current state.