If you enable the ESXi Shell on a host, but forget to log out of the session, the idle session remains connected indefinitely. The open connection increases the potential for someone to gain privileged access to the host. Prevent this by setting a timeout for idle sessions.
- Browse to the host in the vSphere Client inventory.
- Click Configure.
- Under System, select Advanced System Settings.
- Click Edit, select UserVars.ESXiShellInteractiveTimeOut, and enter the timeout setting.
A value of zero (0) disables the idle time.
- Restart the ESXi Shell service and the SSH service for the timeout to take effect.
If the session is idle, users are logged out after the timeout period elapses.