Showing posts with label shell. Show all posts
Showing posts with label shell. Show all posts

Monday, November 11, 2013

How To Enable ESXi SSH Access

The following instructions will allow you to enable root ssh access to an ESXi server:

ESXi 5.0 and ESXi 5.1

1. From the DCUI (Direct Console User Interface), press "[F2]" and login.

2. Navigate down to "Troubleshooting Options", and press enter.

3. Navigate down to "Enable SSH" and press enter.

4. To disable the configuration warning "Configuration Issues: SSH for the host has been enabled" in the vSphere Client, change the following:
  • Configuration -> Software (section) -> Advanced Settings -> UserVars -> SuppressShellWarning = 0


ESXi 4.1

1. From the DCUI (Direct Console User Interface), press "[F2]" and login.

2. Navigate down to "Troubleshooting Options", and press enter.

3. Navigate down to "Enable Remote Tech Support (SSH)" and press enter.


ESXi 4.0

1. From the DCUI (Direct Console User Interface), switch to the hidden shell login screen with "[Alt]+[F1]".

2.  Type in "unsupported" (the characters will not be echoed back) and press enter.  Now enter in the root user's password and press enter.

3. Edit /etc/inetd.conf and uncomment the "ssh stream tcp" line:
esx# vi /etc/inetd.conf
ssh  stream tcp nowait root /sbin/dropbearmulti dropbear  ...

4. Reboot the server:
esx# reboot

ESX 4.1 and ESX 4.0

1. From the terminal screen, switch to the shell login screen with "[Alt]+[F1]" and login as root.

2. Edit /etc/ssh/sshd_config and change the 'PermitRootLogin' line to allow root login:
esx# vi /etc/ssh/sshd_config
PermitRootLogin yes

3. Restart the SSH service:
esx# service sshd restart

Posted by at 3 comments:
Labels: ,

How To Manage Kernel Module Load Settings on ESXi

The following are instructions for managing kernel modules (drivers) on ESX(i).

List all loaded kernel modules 

# vmkload_mod -l    # --list

Show kernel module information 

# vmkload_mod -s some_module    # --showinfo
Note: This works in the same manner as modinfo on Linux

List module load parameters for on boot 

# esxcfg-module -g some_module    # --get-options

Set module load parameters for on boot 

# esxcfg-module -s 'parameter_a=1 parameter_b=test' some_module
Note: This does not affect parameters on manual module load

Clear module load parameters for on boot 

# esxcfg-module -s '' some_module    # --set-options

Disable module on boot 

# esxcfg-module -d some_module    # --disable

## write boot config, extra step for ESX 4.x only 
# esxcfg-boot -b

Enable module on boot 

# esxcfg-module -e some_module    # --enable
NOTE: On ESXi 5.1 you will need to re-enable the module to even manually load the driver.

Manually load module 

# vmkload_mod some_module
# vmkload_mod some_module parameter_a=1 parameter_b=test
Note: This works in the same manner as modprobe/insmod on Linux

Manually unload module 

# vmkload_mod -u some_module    # --unload
Note: This works in the same manner as modprobe/rmmod on Linux



Posted by at 2 comments:
Labels:

How To Reset ESXi Trial License

WARNING: This is for education/informational testing/development purposes only, and should not be used on a production server.

WARNING: This trick will only work with an ESX(i) stand alone server.  It will not work if the ESX(i) server is connected to a vCenter Server, as the vCenter Server knows better than to let you do this.  (you can always remove and readd the ESX(i) server to vCenter.)

To reset your ESX 4.x, ESXi 4.x and ESXi 5.x 60 day evaluation license:
  1. Login to the TSM through SSH or Shell
  2. Remove the following two files:
    1. /etc/vmware/vmware.lic
    2. /etc/vmware/license.cfg
  3. Reboot server
If your ESX server is connected to a vCenter server, please remove the ESX server first.  Once the steps above are completed, you can add it back to the vCenter server.

Sample commands:
rm -f /etc/vmware/vmware.lic /etc/vmware/license.cfg
reboot




For ESXi 5.1 and ESXi 5.5, you may need to continually remove the license files as the server reboots for this to work.  The following should do this quite nicely:

rm -f /etc/vmware/vmware.lic /etc/vmware/license.cfg
reboot ; while true ; do
    rm -f /etc/vmware/vmware.lic /etc/vmware/license.cfg
done



An alternative shows that restarting the services should works just as well as rebooting the server: 
# For ESXi 5.0
rm -f /etc/vmware/vmware.lic /etc/vmware/license.cfg
services.sh restart
# For ESXi 5.1
rm -r /etc/vmware/license.cfg
cp /etc/vmware/.#license.cfg /etc/vmware/license.cfg
/etc/init.d/vpxa restart

The alternative also shows a method for resetting the trial license while connected to vCenter server.  I still think removing and re-adding the ESXi server is cleaner.




Posted by at 21 comments:
Labels: ,

Sunday, November 10, 2013

How To Setup ESXi SSH Keys for Passwordless Access

Generate Your Keys

Linux

From the remote Linux server:
ssh-keygen
Note: Make sure to leave the password empty, or you will defeat this whole passwordless exercise.

This will generate ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub.  You can setup your default identity with:
cp ~/.ssh/id_rsa.pub ~/.ssh/identity.pub

Next we will use a helpful tool to copy our public key to the appropriate location on the target server.  The "ssh-copy-id" tool will copy the public key to ~/.ssh/authorized_keys and set the appropriate permissions for us.  This can be done manually, if needed.


The general method to copy the public key to the target ESX server's authorized list is using ssh-copy-id:
ssh-copy-id root@[SERVER]

If you don't have the default identity.pub setup, you can specify your public key with:
ssh-copy-id -i ~/.ssh/id_rsa.pub root@[SERVER]

WARNING: Make sure to include 'root@' or it will try to copy to the same user name as you are currently logged in as.

Note, each version of ESX/ESXi has a few adjustments to make it work.

Windows

For Windows servers you will need to use PUTTY and PUTTYgen.  Within PUTTYgen, simply click "Generate", move your mouse a lot over the blank area, and wait for the keys to be generated.



The text within the "Public key for pasting into OpenSSH authorized_key file" area is the key that needs to go into the authorized_keys file on your server.  Click the "Save private key" button and save this private_key.ppk file to a secure location.  This is the key you will load into Putty to connect to the server.

 

ESXi 5.x

ESXi 5.x looses the keys on reboot unless you take a few extra steps.

1. Copy public key:
linux# ssh-copy-id -i ~/.ssh/id_rsa.pub root@[SERVER]

2. On the ESXi server:
esx# cp /.ssh/authorized_keys  /etc/ssh/keys-root/authorized_keys

3. Reboot ESXi server, so the script is saved to the boot bank. (Do not power cycle)
esx# reboot

4. Done. Verify passwordless access:
linux# ssh root@[SERVER] 









ESXi 4.x

ESXi 4.x looses the keys on reboot unless you take a few extra steps.



1. Copy public key:








linux# ssh-copy-id -i ~/.ssh/id_rsa.pub root@[SERVER]










2. On the ESXi server:








esx# cp -r /.ssh /scratch










3. On the ESXi server, add the following to /etc/rc.local:








esx# cp -r /scratch/.ssh /










3. Reboot ESXi server, so the script is saved to the boot bank. (Do not power cycle)








esx# reboot









4. Done. Verify passwordless access:








linux# ssh root@[SERVER]












ESX 4.x

1. Copy public key:








linux# ssh-copy-id -i ~/.ssh/id_rsa.pub root@[SERVER]










2. Done. Verify passwordless access:








linux# ssh root@[SERVER]




















Posted by



at





No comments:
  























Labels:
,

















        

      









Subscribe to:
Posts (Atom)