Este artículo explica cómo habilitar el servicio SSH a un host VMware ESXi desde el cliente vSphere, para acceder de forma remota a una shell en el hipervisor.
ESX/ESXi es un hipervisor de tipo 1 (corre directamente en hardware, no sobre un sistema operativo) que conforma la base y elemento principal de una infraestructura de virtualización VMware. ESXi está conformado por un microkernel (vmkernel) y BusyBox. Además incluye OpenSSH, por lo que es posible habilitar el servicio y acceder a un hipervisor de forma remota.
Para comenzar es necesario habilitar en el firewall e iniciar el servicio SSH en el host ESXi. Desde el panel de gestión del cluster VMware vCenter, utilizando el cliente vSphere, acceder a la vista de hosts y clusters (Home > Inventory > Hosts and Clusters).
Seleccionar el host al que se desea habilitar el servicio SSH y acceder al perfil de seguridad (Security Profile) desde la pestaña de configuración (Configuration) del mismo:

Luego, dentro de la sección "Firewall", abrir las propiedades (Properties...). En la ventana emergente, seleccionar el servicio SSH (SSH Server) y acceder a las opciones (Options):

Por último, presionar "Start" para iniciar el servicio:

Esta acción, además de iniciar el demonio SSH, habilita el acceso en el firewall del hipervisor.
Inmediatamente es posible acceder mediante SSH al hipervisor desde un host con acceso a la red del cluster:
emi@hal9000:~ % ssh root@192.168.155.102 The authenticity of host '192.168.155.102 (192.168.155.102)' can't be established. RSA key fingerprint is da:da:da. No matching host key fingerprint found in DNS. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.155.102' (RSA) to the list of known hosts. Password: The time and date of this login have been sent to the system logs. VMware offers supported, powerful system administration tools. Please see www.vmware.com/go/sysadmintools for details. The ESXi Shell can be disabled by an administrative user. See the vSphere Security documentation for more information. ~ #
En este ejemplo se trata de un host ESXi versión 5.0.0:
~ # uname -a VMkernel esxi11.mgmt 5.0.0 #1 SMP Release build-504890 Oct 13 2011 13:41:01 x86_64 unknown
No hay una gran cantidad de comandos disponibles, se encuentran dentro del directorio /usr/bin
:
~ # ls -l /usr/bin/ lrwxrwxrwx 1 root root 12 Oct 15 01:36 [ -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 [[ -> /bin/busybox lrwxrwxrwx 1 root root 35 Oct 13 2011 addgroup -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 35 Oct 13 2011 adduser -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 12 Oct 13 2011 ash -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 awk -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 basename -> /bin/busybox -r-sr-xr-x 1 root root 330964 Oct 13 2011 busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 cat -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 chgrp -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 chmod -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 chown -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 chvt -> /bin/busybox -r-xr-xr-x 1 root root 754 Oct 13 2011 cim-diagnostic.sh -r-xr-xr-x 1 root root 5052 Oct 13 2011 cim_host_powerops -r-xr-xr-x 1 root root 22488 Oct 13 2011 cimslp lrwxrwxrwx 1 root root 12 Oct 15 01:36 cksum -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 clear -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 cp -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 crond -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 cut -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 date -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 dd -> /bin/busybox lrwxrwxrwx 1 root root 35 Oct 13 2011 delgroup -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 35 Oct 13 2011 deluser -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 12 Oct 15 01:36 diff -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 dirname -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 du -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 echo -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 egrep -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 eject -> /bin/busybox -r-xr-xr-x 1 root root 6208 Oct 13 2011 enum_instances lrwxrwxrwx 1 root root 12 Oct 13 2011 env -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 expr -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 false -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 fdisk -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 fgrep -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 find -> /bin/busybox -r-xr-xr-x 1 root root 223112 Oct 13 2011 gdbserver lrwxrwxrwx 1 root root 12 Oct 15 01:36 getty -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 grep -> /bin/busybox lrwxrwxrwx 1 root root 35 Oct 13 2011 groupadd -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 35 Oct 13 2011 groupdel -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 35 Oct 13 2011 groups -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 12 Oct 15 01:36 gunzip -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 gzip -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 halt -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 head -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 hexdump -> /bin/busybox -r-xr-xr-x 1 root root 467 Oct 13 2011 host_reboot.sh -r-xr-xr-x 1 root root 473 Oct 13 2011 host_shutdown.sh lrwxrwxrwx 1 root root 12 Oct 15 01:36 hostname -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 id -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 inetd -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 init -> /bin/busybox -r-xr-xr-x 1 root root 5476 Oct 13 2011 kdestroy lrwxrwxrwx 1 root root 12 Oct 15 01:36 kill -> /bin/busybox -r-xr-xr-x 1 root root 13444 Oct 13 2011 kinit -r-xr-xr-x 1 root root 13116 Oct 13 2011 klist -r-xr-xr-x 1 root root 133212 Oct 13 2011 less lrwxrwxrwx 1 root root 12 Oct 15 01:36 ln -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 lockfile -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 logger -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 13 2011 login -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 ls -> /bin/busybox -r-xr-xr-x 1 root root 97160 Oct 13 2011 lw-lsa lrwxrwxrwx 1 root root 12 Oct 15 01:36 md5sum -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 mkdir -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 mkfifo -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 mknod -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 mktemp -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 more -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 mv -> /bin/busybox -r-xr-xr-x 1 root root 19952 Oct 13 2011 nc lrwxrwxrwx 1 root root 12 Oct 15 01:36 nohup -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 nslookup -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 od -> /bin/busybox -r-xr-xr-x 1 root root 1804463 Oct 13 2011 openssl lrwxrwxrwx 1 root root 12 Oct 15 01:36 passwd -> /bin/busybox lrwxrwxrwx 1 root root 13 Oct 13 2011 ping -> /sbin/vmkping lrwxrwxrwx 1 root root 13 Oct 13 2011 ping6 -> /sbin/vmkping lrwxrwxrwx 1 root root 17 Oct 13 2011 pkill -> /sbin/vmkvsitools lrwxrwxrwx 1 root root 12 Oct 15 01:36 poweroff -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 printf -> /bin/busybox -r-xr-xr-x 1 root root 8132 Oct 13 2011 prop_of_instances lrwxrwxrwx 1 root root 17 Oct 13 2011 ps -> /sbin/vmkvsitools -r-xr-xr-x 1 root root 1329108 Oct 13 2011 python lrwxrwxrwx 1 root root 12 Oct 15 01:36 readlink -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 reboot -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 reset -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 resize -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 rm -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 rmdir -> /bin/busybox lrwxrwxrwx 1 root root 31 Oct 13 2011 scp -> /usr/lib/vmware/openssh/bin/scp lrwxrwxrwx 1 root root 12 Oct 15 01:36 sed -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 seq -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 setsid -> /bin/busybox -r-xr-xr-x 1 root root 4321 Oct 13 2011 sfcb-config.py lrwxrwxrwx 1 root root 12 Oct 13 2011 sh -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 sha1sum -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 sleep -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 sort -> /bin/busybox lrwxrwxrwx 1 root root 31 Oct 13 2011 ssh -> /usr/lib/vmware/openssh/bin/ssh lrwxrwxrwx 1 root root 12 Oct 15 01:36 stat -> /bin/busybox -r-xr-xr-x 1 root root 275336 Oct 13 2011 strace lrwxrwxrwx 1 root root 12 Oct 15 01:36 stty -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 su -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 sum -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 sync -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 tail -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 tar -> /bin/busybox -r-xr-xr-x 1 root root 765212 Oct 13 2011 tcpdump-uw lrwxrwxrwx 1 root root 12 Oct 15 01:36 tee -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 test -> /bin/busybox -r-xr-xr-x 1 root root 4212 Oct 13 2011 ticket lrwxrwxrwx 1 root root 12 Oct 15 01:36 time -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 touch -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 true -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 uname -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 uniq -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 unzip -> /bin/busybox lrwxrwxrwx 1 root root 35 Oct 13 2011 useradd -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 35 Oct 13 2011 userdel -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 35 Oct 13 2011 usermod -> /usr/lib/vmware/misc/bin/deprecated lrwxrwxrwx 1 root root 12 Oct 15 01:36 usleep -> /bin/busybox lrwxrwxrwx 1 root root 17 Oct 13 2011 vdf -> /sbin/vmkvsitools lrwxrwxrwx 1 root root 17 Oct 13 2011 vdu -> /sbin/vmkvsitools lrwxrwxrwx 1 root root 12 Oct 15 01:36 vi -> /bin/busybox lrwxrwxrwx 1 root root 11 Oct 13 2011 vim-cmd -> /sbin/hostd lrwxrwxrwx 1 root root 17 Oct 13 2011 vmware -> /sbin/vmkvsitools -r-xr-xr-x 1 root root 6076 Oct 13 2011 vmware-vimdump -r-sr-xr-x 1 root root 13038136 Oct 13 2011 vmx -r-xr-xr-x 1 root root 17793 Oct 13 2011 vmx-buildtype -r-sr-xr-x 1 root root 15023088 Oct 13 2011 vmx-debug -r-sr-xr-x 1 root root 13723976 Oct 13 2011 vmx-stats lrwxrwxrwx 1 root root 12 Oct 15 01:36 watch -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 wc -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 wget -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 which -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 who -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 whoami -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 xargs -> /bin/busybox lrwxrwxrwx 1 root root 12 Oct 15 01:36 zcat -> /bin/busybox
Se observa que la mayoría de ellos están implementados por BusyBox.
Es posible acceder a los Datastores disponibles en el host, los cuales se encuentran montados bajo /vmfs/volumes/
Para detener el servicio SSH, repetir los pasos anteriores, pero utilizar el botón "Stop".
Para más información acceder a los siguientes enlaces:
Commands with an esxcfg Prefix