The ESXi Shell provides access to maintenance commands and other configuration options. Esxi shell and SSH comes in handy when there are certain tasks that can’t be done through the Web Client or other remote management tools.
Enabling local and remote shell access on Esxi hosts
Login to vSphere Web Client and select an Esxi host and navigate to Manage > Settings > Security Profile > Services and click Edit
We can enable/dsable below services and also can change their start up method:
- Direct Console UI
- ESXi Shell
Enabling SSH or local shell through the DCUI.
Go to the console of the host. Press F2 and enter esxi host credentials.
Select Troubleshooting Options and hit Enter on each service you want to enable/disable.
Configuring the Timeout For the ESXi Shell
By default the timeout setting for the ESXi shell is set to disabled. The shell timeout setting allows you to specify how long an inactive session is left open. After the timeout period, if you have not logged in, the shell is disabled.
Note: If you are logged in when the timeout period elapses, your session persists. However, the ESXi Shell is disabled and it prevents other users from logging in.
Configure Shell timeout from DCUI
From Troubleshooting mode options, select Modify Esxi Shell and SSH timeouts
And set the values
Note: If ESXi Shell and SSH are enabled, the option to modify the timeout value is grayed out. To change the timeout value, ensure both ESXi Shell and SSH are disabled. This is by design and is intended to indicate when the timeout values would take effect.
Configure ESXi Shell timeout from vSphere Web Client:
1: Log in to vSphere Web Client.
2: Select the host in the Inventory panel and click Configuration tab.
3: Under Software, click Advanced Settings.
4: In the left panel, search for UserVars.
5: In the UserVars.ESXiShellTimeOut field, enter the timeout setting in seconds.
ESXi Shell and SSH service needs to be restarted for changes to take affect.
ESXi Shell Interactive Time Out
This is applicable to the SSH Sessions that were opened after the configuration was done. Let’s say we have configured this time-out to 60 seconds. So once this configuration is done, and a new Putty Session is opened, it automatically closes after 60 seconds of no activity. Well, if you don’t run any commands or you don’t scroll in the SSH Session for 60 seconds, you will be logged out automatically.
To configure Shell Interactive timeout, edit the UserVars.ESXiShellInteractiveTimeOut configuration option.
Configure Shell timeout from CLI
Check current settings
[root@esxi04:~] esxcfg-advcfg -g /UserVars/ESXiShellInteractiveTimeOut Value of ESXiShellInteractiveTimeOut is 0 [root@esxi04:~] esxcfg-advcfg -g /UserVars/ESXiShellTimeOut Value of ESXiShellTimeOut is 0
Configuring Shell Timeout via Power CLI
Configure the setting for all esxi servers in a cluster:
Get-AdvancedSetting -Entity (Get-cluster <cluster> | Get-VMhost) -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 1800 Get-AdvancedSetting -Entity (Get-cluster <cluster> | Get-VMhost) -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 1800
Get-AdvancedSetting -Entity (Get-cluster <cluster> | Get-VMhost) -Name UserVars.ESXiShellTimeOut | ft -autosize Get-AdvancedSetting -Entity (Get-cluster <cluster> | Get-VMhost) -Name UserVars.ESXiShellInteractiveTimeOut | ft -autosize
If you have set ESXiShellInteractiveTimeOut on an Esxi host, then after period of no activity, you will be kicked out of server with below message
[root@esxi04:~] timed out waiting for input: auto-logout Connection to esxi04 closed.
I hope you find this post informational. Feel free to share this on social media if it is worth sharing. Be sociable 🙂