The IT world varies greatly between different IT shops because of individual requirements. Because of this some people need to do things that others may not need to. This led me to the idea of today’s post: how to enable SSH on ESXi hosts and get rid of the annoying warning message.
In most environments – and ones that are security constrained – it would not be acceptable to permanently enable SSH on your vSphere hosts. This would be considered too risky and it opens up an attack point. But for many shops, especially small shops, they are not as concerned and would rather have the ease-of-access factor.
How to Enable SSH
To start off, let’s review one of the ways to enable SSH on a vSphere host. I will show you the common method using the vSphere client.
- The first step is to select the host on which you want to enable SSH.
- Then click on the configuration tab and select the Properties option. This will allow the services options to be modified.
- Once we are looking at the Services Properties, the first thing to do is locate the SSH line item and select it.
- We can than edit the options for the service as shown below. There are several options here, but if the goal is to turn on the service and have it available at all times then we want to configure it to start and stop with the host as shown below.
This will allow the SSH service to run and auto start any time the host is rebooted. You will then be able to do this any time SSH to the host for easier management without needing to turn the service on and off as needed.
The (Annoying) Warning Message
Now the results of our enabling SSH on our test host is shown below. We get the yellow nag message at the top of the screen when viewing our host. This is not the end of the world, but if you intend on leaving SSH enabled permanently then you don’t want to look at it.
How to Disable the SSH Message
- To get rid of the warning message we need to turn off one of the advanced settings. We can get this started by selecting our host again and going back to the Configuration tab. From there we need to select the Advanced Settings option shown below.
- In the Advanced Settings, scroll all the way to the bottom and find the UserVars option shown below.
- Once selected, scroll to the bottom of the right pane and find the UserVars.SuppressShellWarning option and change the value to a “1” from the default “o” value. This will stop the warning message for SSH when enabled.
This may be of value to those that are not concerned about SSH being turned on. If you work on a team that is concerned about this you will not want to make these changes, because the warning message will save you time by noticing that the service was turned on.