You can use SSH keys to restrict, control, and secure access to an ESXi host. By using an SSH key, you can allow trusted users or scripts to log in to a host without specifying a password.

About this task

You can copy the SSH key to the host by using the vifs vSphere CLI command. See Getting Started with vSphere Command-Line Interfaces for information on installing and using the vSphere CLI command set. It is also possible to use HTTPS PUT to copy the SSK key to the host.

Instead of generating the keys externally and uploading them, you can create the keys on the ESXi host and download them. See VMware Knowledge Base article 1002866.

Enabling SSH and adding SSH keys to the host has inherent risks and is not recommended in a hardened environment. See Disable Authorized (SSH) Keys.

Note:

For ESXi 5.0 and earlier, a user with an SSH key can access the host even when the host is in lockdown mode. This is fixed in ESXi 5.1.