How to allow root user to log in to ESX host with SSH?

When you try to SSH login to your ESX host using root account, it gives you “Access denied” message.

This is normal; ESX SSH login using the root account is disabled by default for security purpose. You can login to the host by using either of the below ways:

  1. Login directly to the ESX host using VI Client (not to the vCenter Server)
  2. Click Users & Groups tab
  3. Right-click on a blank area and click Add
  4. Enter a username and password as shown in the picture. Confirm your password. Note: Starting in  ESX 4.0 the password needs to be at least 8 characters in length.
  5. Select Grant shell access to this user and click OK.
  6. Open the SSH client (Putty for example).
  7. Complete the necessary fields. Ensure Port is set to 22 and Protocol is set to SSH. Press Enter or click Open.
  8. Log in as the new user you created in step 4.
  9. Type SU – and press enter (This command switches users to root access and provides the path to the root user commands).
  10. Enter the root password when prompted, press Enter and you are in.

Now, you know how to SSH login using root account but you will need to use the SSH login account (created on step 4 above). If you need to permanently login using root account directly without the need to use a temp account you will need to edit it the “ssh_config” file to permanently enable root account to login directly.

Here are the steps:

  1. Open a SSH session and login using steps mention above.
  2. Type command: nano /etc/ssh/sshd_config
  3. Find the line the says: PermitRootLogin and change the “no“ to “yes” .
  4. save the file and exit.
  5. Restart the sshd process by typing /etc/init.d/sshd restart .

Now, you can  permanently login to SSH using root account directly.