If you decide that you want to use authorized keys to log in to a host with SSH, you can upload authorized keys with a vifs command.

About this task

Note:

Because authorized keys allow SSH access without requiring user authentication, consider carefully whether you want to use SSH keys in your environment.

Authorized keys allow you to authenticate remote access to a host. When users or scripts try to access a host with SSH, the key provides authentication without a password. With authorized keys, you can automate authentication, which is useful when you write scripts to perform routine tasks.

You can upload the following types of SSH keys to a host.

  • Authorized keys file for the root user

  • RSA key

  • RSA public key

Starting with the vSphere 6.0 Update 2 release, DSS/DSA keys are no longer supported.

Important:

Do not modify the /etc/ssh/sshd_config file. If you do, you make a change that the host daemon (hostd) knows nothing about.

Procedure

At the command line or an administration server, use the vifs command to upload the SSH key to an appropriate location on the ESXi host.
vifs --server hostname --username username --put filename /host/ssh_host_dsa_key_pub

Type of key

Location

Authorized key files for the root user

/host/ssh_root_authorized keys

You must have full administrator privileges to upload this file.

RSA keys

/host/ssh_host_rsa_key

RSA public keys

/host/ssh_host_rsa_key_pub