Generate Your Keys
LinuxFrom the remote Linux server:
Note: Make sure to leave the password empty, or you will defeat this whole passwordless exercise.
This will generate ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub. You can setup your default identity with:
cp ~/.ssh/id_rsa.pub ~/.ssh/identity.pub
Next we will use a helpful tool to copy our public key to the appropriate location on the target server. The "ssh-copy-id" tool will copy the public key to ~/.ssh/authorized_keys and set the appropriate permissions for us. This can be done manually, if needed.
The general method to copy the public key to the target ESX server's authorized list is using ssh-copy-id:
If you don't have the default identity.pub setup, you can specify your public key with:
WARNING: Make sure to include 'root@' or it will try to copy to the same user name as you are currently logged in as.
Note, each version of ESX/ESXi has a few adjustments to make it work.
WindowsFor Windows servers you will need to use PUTTY and PUTTYgen. Within PUTTYgen, simply click "Generate", move your mouse a lot over the blank area, and wait for the keys to be generated.
The text within the "Public key for pasting into OpenSSH authorized_key file" area is the key that needs to go into the authorized_keys file on your server. Click the "Save private key" button and save this private_key.ppk file to a secure location. This is the key you will load into Putty to connect to the server.
ESXi 5.xESXi 5.x looses the keys on reboot unless you take a few extra steps.
1. Copy public key:
2. On the ESXi server:
3. Reboot ESXi server, so the script is saved to the boot bank. (Do not power cycle)
4. Done. Verify passwordless access: