ESX SSH security settings are designed to provide protection for the data you transmit to the service console through SSH. If this configuration is too rigid for your needs, you can lower security parameters.
Note: For more information about the security settings, see
SSH Security in the
Configuration Guide.
To change the default SSH configuration:
- Log on to the service console and acquire root privileges.
- Change to the /etc/ssh directory with the command:
cd /etc/ssh
- Open the sshd_config file in a text editor. For more information, see Editing files on an ESX host using vi or nano (1020302).
- To allow remote root logon, change the line PermitRootLogin no to PermitRootLogin yes.
- To revert to the default SSH protocol (Version 1 and 2), comment out this line:
Protocol 2
- To revert to the 3DES cipher and other ciphers, comment out this line:
Ciphers aes256-cbc,aes128-cbc
- To disable Secure FTP (SFTP) on SSH, comment out this line:
Subsystem ftp /usr/libexec/openssh/sftp-server
- Save your changes and close the file.
- Restart the SSHD service with the command:
service sshd restart