O'Reilly logo

VMware Cookbook by Matthew Helmke, Ryan Troy

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6. General Security

In this chapter we will provide solutions to help you maintain a secure virtual environment, using technologies that are already available to you in your VMware implementation. This chapter will cover a lot of basic Linux-related material, since the ESX Server has Red Hat Linux as its base. We will also discuss increasing security with ESXi, VMware’s console-less hypervisor.

This chapter will focus on using the command line for security and monitoring tasks. Most of the tasks we’ll examine (apart from user-related tasks such as role management) can be performed using the vCenter client, and in fact that is VMware’s suggested method. However, we feel that users should know how to use alternative ways to manage their ESX Servers, in case there are problems that prevent the use of the vCenter client. Thus, we have chosen to focus on the command line in this chapter. If you need details on performing any of these tasks via vCenter, we recommend that you familiarize yourself with a great document VMware provides on security, located at http://www.vmware.com/files/pdf/vi35_security_hardening_wp.pdf.

6.1. Enabling SSH on ESXi

Problem

You want to enable SSH on your server console.

Solution

Enable SSH. However, note that leaving direct root SSH disabled is the suggested configuration.

Discussion

SSH is a valuable service to have on your service console because it provides a way for an administrator to go behind the VMware GUI and issue commands directly to the operating ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required