To allow SSH access to ESXi/ESX hosts with public/private key authentication:
- Generate public/private keys.
- These instructions generate two files in ~/.ssh: id_rsa and id_rsa.pub.
- In ESXi 5.x, the ssh-keygen command is located at /usr/lib/vmware/openssh/bin.
- On the remote host, store the public key content, id_rsa.pubin ~/.ssh/authorized_keys.
- For ESXi 5.x, 6.0 and 6.5, the authorized_keys is located at: /etc/ssh/keys-<username>/authorized_keys
- More than one key can be stored in this file.
- To allow root access, change PermitRootLogin no to PermitRootLogin yes in the /etc/ssh/sshd_config file.
- To disable password login, ensure that the ChallengeResponseAuthentication and PasswordAuthentication are set to no.
- Reload the service:
- For ESXi, run the command:/etc/init.d/SSH restart
- For ESX, run the command:service sshd reload
For more information on SSH, see Uploading an SSH Key to Your ESXi Host section in the VMware vSphere 5.5 documentation Center.