ESXi Shell Access with the Direct Console
An ESXi system includes a Direct Console User Interface (DCUI) that allows you to start and stop the system and to perform a limited set of maintenance and troubleshooting tasks. The direct console allows access to the ESXi Shell, which is disabled by default. You can enable the ESXi Shell in the direct console or by using the vSphere Web Client. You can enable local shell access or remote shell access:
Local shell access allows you to log in to the shell directly from the Direct Console. See Enabling Local ESXi Shell Access.
Remote shell (SSH) access allows you to connect to the host using a shell such as PuTTY, specify a user name and password, and run commands in the shell. See Remote ESXi Shell Access with SSH.
The ESXi Shell includes all ESXCLI commands, a set of deprecated esxcfg- commands, and a set of commands for troubleshooting and remediation.
Important All ESXCLI commands that are available in the ESXi Shell are also included in the vCLI package.
VMware recommends you install the vCLI package on a supported Windows or Linux system or deploy the vMA virtual appliance, and run commands against your ESXi hosts. Run commands in the ESXi Shell directly or through SSH only in troubleshooting situations.
Enabling Local ESXi Shell Access
You can enable the ESXi Shell from the direct console or from the vSphere Web Client or the vSphere Client.
If you have access to the direct console, you can enable the ESXi Shell from there.
To enable the ESXi Shell in the direct console
1
At the direct console of the ESXi host, press F2 and provide credentials when prompted.
2
Scroll to Troubleshooting Options and press Enter.
3
Choose Enable ESXi Shell and press Enter.
On the left, Enable ESXi Shell changes to Disable ESXi Shell. On the right, ESXi Shell is Disabled changes to ESXi Shell is Enabled.
4
Press Esc until you return to the main direct console screen.
If you do not have access to the Direct Console Interface, you can enable the ESXi Shell from the vSphere Web Client.
To enable the ESXi Shell from the vSphere Web Client or the vSphere Client
1
Select the host, click Manage, and keep Settings selected.
2
Click Security Profile.
3
In the Services section, click Edit.
4
Select ESXi Shell.
To temporarily start or stop the service, click the Start or Stop button.
To change the Startup policy across reboots, select Start and stop with host and reboot the host.
5
Click OK.
After you have enabled the ESXi Shell, you can use it from that monitor or through a serial port.
ESXi Shell Timeout
The ESXi Shell supports a timeout for ESXi Shell availability and a timeout for idle ESXi Shell sessions.
Availability timeout: The availability timeout setting is the amount of time that can elapse before you must log in after the ESXi Shell is enabled. After the timeout period, the service is disabled and users are not allowed to log in.
Idle timeout: If a user enables the ESXi Shell on a host, but forgets to log out of the session, the idle session remains connected indefinitely
You can set both timeout values from the Direct Console User Interface, from the vSphere Web Client, or from the vSphere Client. See the vSphere Security document in the vSphere Documentation Center for detailed instructions.
Using the ESXi Shell
After you enable the ESXi Shell in the direct console, you can use it from the main direct console screen or remotely through a serial port.
To use the local ESXi Shell
1
At the main direct console screen, press Alt-F1 to open a virtual console window to the host.
2
Provide credentials when prompted.
When you type the password, characters are not displayed on the console.
3
Enter shell commands to perform management tasks.
4
To log out, type exit in the shell.
5
To return to the direct console, type Alt-F2.
See vSphere Installation and Setup documentation for information on serial port setup.
Help us improve this information. Send feedback to [email protected].