If you enable the ESXi Shell on a host, but forget to log out of the session, the idle session remains connected indefinitely. The open connection increases the potential for someone to gain privileged access to the ESXi host. Prevent this by setting a timeout for idle sessions.

The idle timeout is the amount of time that can elapse before you are logged out of an idle interactive session.

Procedure

  1. Click Manage in the VMware Host Client inventory and click Advanced Settings.
  2. Enter UserVars.ESXiShellInteractiveTimeOut in the Search text box and click the Search icon.
  3. Right-click UserVars.ESXiShellInteractiveTimeOut and select Edit option from the drop-down menu.
    The Edit option dialog box opens.
  4. In the New value text box, enter the timeout setting.
    A value of zero (0) disables the timeout.
  5. Click Save.
    The timeout takes effect only for newly logged in sessions.
  6. (Optional) To reset the key setting to default, right-click the appropriate key from the list and select Reset to default.

Results

If the session is idle, users are logged out after the timeout period elapses.