...hopefully some useful VMware related stuff

Authenticate to ESX server using Public / Private keys over SSH

12/10/2009 12:17

Use this procedure to allow you to connect over SSH into your ESX server(s) without using a password using a Public / Private key pair.

Although you can set your ESX server to allow you to authenticate as root over SSH this is not recommended so this procedure relies on you having created a limited user account in this case vadmin.

You can add this user by:

useradd vadmin

passwd vadmin xxxxxx


So, to continue:


Edit the ssh config file:

vi /etc/ssh/sshd_config

In the # Authentication add a line as follows:

AllowUsers vadmin

and then unhash the following line:

AuthorizedKeysFile .ssh/authorized_keys

Then exit with saving changes:


Next make the authorized keys file and change permissions on it for your user:

mkdir /home/vadmin/.ssh

chmod 700 /home/vadmin/.ssh

touch /home/vadmin/.ssh/authorized_keys
chmod 600 /home/vadmin/.ssh/authorized_keys

Go to: https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Download PuTTygen

Hit the generate button

Move the mouse around the blank area until complete

Save the public key

Save the private key (ignore the warning unless you want to type a password in each time you authenticate)

Now paste into the authorized key file we created earlier:

vi /home/vadmin/.ssh/authorized_keys

In the PuTTygen window copy the public key section in its entirety and paste into the vi session

Then quit and save changes:


Confirm by running:

cat /home/vadmin/.ssh/authorized_keys

It should look something like:




Now change ownership info:

chown vadmin /home/vadmin/.ssh

chgrp vadmin /home/vadmin/.ssh

chown vadmin /home/vadmin/.ssh/authorized_keys

chgrp vadmin /home/vadmin/.ssh/authorized_keys

Then restart the service:

service sshd restart



Now, go into PuTTy

Enter the normal info for your ESX server - Hostname, and then a name you want for this saved session

On the left go to Connection --> Data and put in your ESX host user name used above, in this case vadmin

Then in Connection --> SSH --> Auth Hit browse next to the Private key file for authentication and find your

provate key.

Next go back to Session at the top and click the Save button

Now, when you open your ESX server through your saved PuTTy session you will log in automatically

Search site