Enable SSH key-based authentication on vSphere ESXi version 8.0.2 and later

search cancel

Enable SSH key-based authentication on vSphere ESXi version 8.0.2 and later

book

Article ID: 411797

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

In ESXi version 8.0.2 and earlier, key-based authentication can be enabled on the host by setting the "PasswordAuthentication" parameter to "no" in the /etc/ssh/sshd_config file.
Modifying the /etc/ssh/sshd_config file to change the "PasswordAuthentication" parameter is no longer supported in ESXI version 8.0.2 and above. See KB "Configurable properties of SSH Server on ESXi 8.0.2 or later" for the supported method.

Environment

VMware vSphere ESXi 8.0.2 and later.

Resolution

To achieve equivalent functionality as "PasswordAuthentication" parameter, set the "UsePAM" and "ChallengeResponseAuthentication" parameters to "yes".

esxcli system ssh server config set -k usepam -v yes ;
esxcli system ssh server config set -k challengeresponseauthentication -v yes".

Additional Information

For more information: Modifying the parameters like "PasswordAuthentication" to yes in sshd_config are not persistent across reboot

Feedback

thumb_up Yes

thumb_down No