• Paul Kennard
    • Jan 26, 2021

Brain Byte - SSH & SFTP to vCenter and ESXi Host

Happy New Year and welcome to this ITBOD Brain Byte post where I will quickly cover how to connect to a vCenter or ESXi host via SSH or SFTP using two popular clients, PuTTY and WinSCP.


This Brain Byte come about following on from previous posts where I have repeated steps such as how to SSH.., so rather than teach experienced admins how to suck eggs it was easier for both me to create this as reusable content and the reader to following the how on this if needed.



What is SSH & SFTP?

The Secure Shell (SSH) is a protocol that allows authentication and encrypted data communications between two systems over Transmission Control Protocol (TCP) port 22 & can also create secure tunnels for applications.


The SSH File Transfer Protocol (SFTP) is the same protocol/port but enables secure server to server file transfers and is a replacement for the insecure legacy FTP protocol.


Enable & Disable SSH - vCenter


vCenter Server Appliance Management Interface (VAMI)

You can connect to the VAMI console via link that specifies port 5480

https://Your-VC-FQDN.local:5480/

Then login as root and follow numbered steps:

vCenter VAMI Login
vCenter VAMI SSH
vCenter VMAI SSH Enable


vCenter Direct Console User Interface (DCUI)

The DCUI can be accessed physically or via KVM/iLO type access. If your in a nested environment access is gained by opening a console window.

vCenter DCUI
vCenter DCUI Login
vCenter DCUI Troubleshooting Mode
vCenter DCUI Enable SSH

Enable & Disable SSH - ESXi Host


ESXi host via vCenter vSphere Client

You can connect to the main vCenter Web Client via link with VCs Fully Qualified Domain Name or IP.

https://Your-VC-FQDN.local/ui/login

Then login with account that has admin access and follow numbered steps:

vCenter Login
Enable SSH via vCenter Web Client


ESXi host direct via vSphere Client

You can connect to the host directly also to enable SSH.

https://Your-Host-FQDN.local/ui/login
ESXi Host vSphere Client Login
ESXi vSphere Client Enable SSH

ESXi Direct Console User Interface (DCUI)

Finally as with the VC you can also access the hosts DCUI in the same manner.

ESXi DCUI
ESXi DCUI Login


Connect via SSH using Putty


You can download PuTTY from the following location as installer package or as stand-alone putty.exe:


https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html


1: Enter Hostname and ensure SSH is selected

2: Click Open

ESXi Putty Configuration

3: Enter root Username/Password

ESXi Putty Connection

Connect via SFTP using WinSCP

Because SFTP runs over SSH you need to also have SSH enabled to allow you to connect to transfer files. If you have skipped straight to this point, just follow the steps on “Enable & Disable SSH” for vCenter/ESXi above.


You can download WinSCP from the following location as installer package or as stand-alone version: https://winscp.net


1: The left hand pane is your local drive

2: The right hand pane lists files on the system you are connecting too.

3: To connect to vCenter/ESXi host Click "Session > New Session..”

WinSCP New Session

4: Enter Hostname/Username/Password and click Login.

WinSCP Login

5: Once connected, you can browse the filesystem and right click for options menu, if you just need to grab something quickly you can also drag and drop files/folders between panes.

WinSCP Connected to ESXi Host


Please Note:

It’s important you disable SSH on your VMware hosts and appliances when you no longer need to use it, this is not only a best practice but will decrease security risks that it can pose within your environments and systems.


More Info on SSH & SFTP

https://www.ssh.com/ssh/

https://www.ssh.com/ssh/sftp/


Alternative SSH & SFTP Apps

https://www.ssh.com/ssh/#download-client-software

https://www.ssh.com/ssh/sftp/#sftp-client-for-windows-and-mac

Home.png