In this article I am trying to answer the following questions, which seems to pop up all the time.
How to enable Shell Access for the root account in VMware VI3 (VMware ESX)?
Is it the same way in VMware VI3 V3.5?
Why would I want to enable shell Access for the root account?
Why does VMware disable it by default?
What’s your recomendation in this regard?
Ok, Lets take one by one of these questions and answer it:
How to enable Shell Access of the root account in VMware VI3 (VMware ESX)?
To enable Shell Access of the root account in VMware VI3 all you have to do is login to the terminal with your root account. Or login through ssh using a user account then elevate to root.
After that go to the /etc/ssh directory
cd /etc/ssh/
Then edit /etc/ssh/sshd_config using vi
vi sshd_config
Then change the No to Yes next to the PermitRootLogin as shown in the below snapshot
Save the file by pressing :wq
then restart your VMware ESX server.
After that your VMware ESX Root will have shell access.
Is it the same way in VMware VI3 V3.5?
Yes, the same trick still work in V3.5.
Why would I want to enable shell Access for the root account?
Well, so many of time you want to have SFTP access to you VMware ESX box and don’t have the time to fuddle up with it to get a normal user to work with SFTP. So it can be a fast and easy dirty trick to do so.
Why VMware Originally disable it?
For security reasons, as its not a very good idea to give the root a direct shell access to your VMware ESX. Its a lot more secure when you login as a normal user then elevate to root using the SU -command.
What’s your recomendation in that regard?
Don’t use this method for machines where highest security is a must. In addition, don’t use it with machines facing the internet directly. Further more, you can enable the shell access when you need initially to upload your Images to the VMware ESX then disable it again after that.
I hope this was useful to every one.
2 responses to “VMware VI3 Root Shell Access”
The faster way to do it:
sed -e ‘s/PermitRootLogin no/PermitRootLogin yes/’ -i /etc/ssh/sshd_config
/sbin/service sshd reload
Besides you can use only ssh certicates to authorize via ssh. So you can customize config file to inlude:
RSAAuthentication yes
PubkeyAuthentication yes
RhostsRSAAuthentication no
HostbasedAuthentication no
ChallengeResponseAuthentication no
PasswordAuthentication no
KerberosAuthentication no
GSSAPIAuthentication no
Hi funek,
Thanks for the great contribution.
Best Regards,
VMbloggie