Changing default SSH configuration
Article ID: 337167
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
This article provides steps to change the default SSH configuration.
Symptoms:
Symptoms:
- SSH connection to the ESX host is refused
- This issue may occur when Triple Data Encryption Algorithm (3DES ) is used by the source
Environment
VMware ESX 4.0.x
VMware ESX Server 3.5.x
VMware ESX Server 3.5.x
Resolution
ESX SSH security settings are designed to provide protection for the data you transmit to the service console through SSH. If this configuration is too rigid for your needs, you can lower security parameters.
Note: For more information about the security settings, see SSH Security in the Configuration Guide.
To change the default SSH configuration:
- Log on to the service console and acquire root privileges.
- Change to the /etc/ssh directory with the command:
cd /etc/ssh
- Open the sshd_config file in a text editor. For more information, see Editing files on an ESX host using vi or nano (1020302).
- To allow remote root logon, change the line PermitRootLogin no to PermitRootLogin yes.
- To revert to the default SSH protocol (Version 1 and 2), comment out this line:
Protocol 2
- To revert to the 3DES cipher and other ciphers, comment out this line:
Ciphers aes256-cbc,aes128-cbc
- To disable Secure FTP (SFTP) on SSH, comment out this line:
Subsystem ftp /usr/libexec/openssh/sftp-server
- Save your changes and close the file.
- Restart the SSHD service with the command:
service sshd restart
Feedback
Yes
No
Powered by
