Chapter 6. General Security
In this chapter we will provide solutions to help you maintain a secure virtual environment, using technologies that are already available to you in your VMware implementation. This chapter will cover a lot of basic Linux-related material, since the ESX Server has Red Hat Linux as its base. We will also discuss increasing security with ESXi, VMware’s console-less hypervisor.
This chapter will focus on using the command line for security and monitoring tasks. Most of the tasks we’ll examine (apart from user-related tasks such as role management) can be performed using the vCenter client, and in fact that is VMware’s suggested method. However, we feel that users should know how to use alternative ways to manage their ESX Servers, in case there are problems that prevent the use of the vCenter client. Thus, we have chosen to focus on the command line in this chapter. If you need details on performing any of these tasks via vCenter, we recommend that you familiarize yourself with a great document VMware provides on security, located at http://www.vmware.com/files/pdf/vi35_security_hardening_wp.pdf.
6.1. Enabling SSH on ESXi
You want to enable SSH on your server console.
Enable SSH. However, note that leaving direct root SSH disabled is the suggested configuration.
SSH is a valuable service to have on your service console because it provides a way for an administrator to go behind the VMware GUI and issue commands directly to the operating ...