...

  • Log in as root and enable PermitRootLogin by editing /etc/ssh/sshd_config:

    vi /etc/ssh/sshd_config

    PermitRootLogin yes

  • Then restart sshd:

    $ /etc/init.d/sshd restart

How to configure ESX/ESXi to use SSH identity key authentication:

...

  • Create an SSH key pair on the management node (or use a key you previously created):

    ssh-keygen -t rsa -f /etc/vcl/vcl.key -N '' -b 1024 -C 'VCL root account'

  • Log into the ESX host via SSH (password authentication should work) and create the directory:

    ssh -o Batchmode=no <ESXi host> 'mkdir /.ssh'

  • Copy the public key to the ESXi host:

    scp -o Batchmode=no /etc/vcl/vcl.key.pub <ESXi host>:/.ssh/authorized_keys

  • Test making an SSH connection using the key:

    ssh -i /etc/vcl/vcl.key <ESXi host>

IMPORTANT: Under ESXi, the authorized_keys file is erased when the ESXi VM host is rebooted. Complete the following steps to make the authorized_keys file persistent:

  • Create a compressed tarball file containing the /.ssh directory:

    tar -C / -czf /bootbank/vcl.tgz .ssh

  • Edit the /bootbank/boot.cfg file and append ' --- vcl.tgz' to the modules line as shown in the following example:

    kernel=b.z
    kernelopt=
    modules=k.z --- s.z --- c.z --- oem.tgz --- license.tgz --- m.z --- state.tgz --- vcl.tgz
    build=4.1.0-260247
    updated=2
    bootstate=0
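
The boot.cfg edit from the last step, scripted so it can be re-run safely (an added example, not part of the original page; `add_boot_module` and `write_sample_cfg` are names made up here). It appends the module only when it is not already listed and keeps the previous file as boot.cfg.bak.

```shell
#!/bin/sh
# Added example (not from the original page): idempotent boot.cfg edit.
# add_boot_module and write_sample_cfg are names invented for this example.

# add_boot_module CFG MODULE
# Appends " --- MODULE" to the modules= line of CFG unless MODULE is already
# listed. Keeps a copy of the previous file as CFG.bak. Returns 1 on error.
add_boot_module() {
    cfg=$1
    mod=$2
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }

    # Refuse to guess if the file does not have exactly one modules= line.
    count=$(grep -c '^modules=' "$cfg" || true)
    [ "$count" -eq 1 ] || { echo "expected 1 modules= line, got $count" >&2; return 1; }

    # Compare whole entries so "vcl.tgz" does not match e.g. "myvcl.tgz".
    awk -v mod="$mod" '
        /^modules=/ {
            sub(/[ \t\r]+$/, "")
            n = split(substr($0, 9), entry, / --- /)
            for (i = 1; i <= n; i++) if (entry[i] == mod) found = 1
            if (!found) $0 = $0 " --- " mod
        }
        { print }
    ' "$cfg" > "$cfg.new" || { rm -f "$cfg.new"; return 1; }

    if cmp -s "$cfg" "$cfg.new"; then
        rm -f "$cfg.new"          # already listed, nothing to do
        return 0
    fi
    cp "$cfg" "$cfg.bak" && mv "$cfg.new" "$cfg"
}

# Constructed sample: the page's boot.cfg example before vcl.tgz is added.
write_sample_cfg() {
    cat > "$1" <<'EOF'
kernel=b.z
kernelopt=
modules=k.z --- s.z --- c.z --- oem.tgz --- license.tgz --- m.z --- state.tgz
build=4.1.0-260247
updated=2
bootstate=0
EOF
}

# Usage on the host: sh this-script /bootbank/boot.cfg vcl.tgz
if [ "$#" -eq 2 ]; then add_boot_module "$1" "$2"; fi
```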

...