This article provides steps to allow SSH access to VMware vCenter Severs with public/private key authentication rather than with username/password authentication.

VMware VCenter Server

To allow SSH access to vCenter server with public/private key authentication:

• Open command prompt or terminal on the machine in which openssh utility is installed.
• Run this command to generate the private and public keys on the administrator’s computer (where openssh is installed)
  • ssh-keygen -t rsa   (Here, any signing algorithm can be used like rsa, ed25519 etc ) 
  • Press enter to save the key to the default location.
  • Press enter to not use any passphrase. Press enter again to skip the passphrase. 

• The utility creates two files in the current user’s profile directory (%USERPROFILE%.ssh):

  id_rsa – private key
  • id_rsa.pub – public (open) key
• Ssh to the vCenter with root and enter shell
  • Change the directory to this path : cd /root/.ssh
  • Edit the file : vi authorized_keys
  • Open the id_rsa.pub key on notepad/notepad++ and copy the complete key with the username and the end.
  • Paste the key on the authorized_keys file in the vCenter.
  • Save it with Esc then  :wq!

Now to test the login without entering credentials :

• Open command prompt and this run this command : ssh root@vCenter_ip
• And, it is login directly without the requirement to manually enter the root credentials.

Note : This setup is limited to root user account (i.e. localos accounts). We can create user in vCenter from ssh with root access but, we will not be able to login with it. And, for sso accounts ([email protected]) it is not possible to create ssh key authentication.