How to disable root shell access on ESXi and vCenter Server
book
Article ID: 374277
calendar_today
Updated On: 02-03-2025
Products
VMware vSphere ESXi
Issue/Introduction
Due to some company cybersecurity policies, customers need to disable root ssh to ESXi/vCenter permission.
This article shows how to disable root shell access on ESXi
Environment
ESXi 7.0.x
ESXi 8.0.x
vCenter Server 7.0.x
vCenter Server 8.0.x
Resolution
Before the operation, make sure there is a super user with the same permissions as the root account.
- SSH to ESXi host or vCenter Server using the root account, edit /etc/ssh/sshd_config using blew command: vi /etc/ssh/sshd_config

- Find the parameter "permitrootlogin yes" and change it to "permitrootlogin no".
- Finally, save and quit this file esc :wq!
- Restart SSH service using the blew command:
/etc/init.d/SSH restart
Additional Information
If you want to change back the previous SSH permission, only reset the parameter to "permitrootlogin yes"
Feedback
Was this article helpful?
thumb_up
Yes
thumb_down
No