Issue:
The root user id for the ESX Server 3.5 is not able to login using SSH, SCP, or SFTP.
Cause:
By default ESX Server 3.5 does not allow the root user console access, so utilities like SSH, SCP, and SFTP will not allow the root user to login.
Solution:
Create a special user for console access using SSH. Console access is the lowest level of security that can be granted. Once connected you can use the SU command to elevate permissions to the root user.
SCP and SFTP rely on SSH to perform authentication and will also be available to the SSH user. However, the SU option is not available using SCP or SFTP and therefore read/write access permissions on directories will be restricted. The solution for this problem is to create folders and assign the appropriate permission, or modify permissions on existing folder.
Steps to create an SSH User
1) Connect to the ESX server using the VI Client
2) Click the Users and Groups tab
3) Right click the list of users and Select Add
4) In the Add New user form
5) Type the login, username, and password
6) Click the “Grant shell access to this user”
a. See diagram
7) Click OK
Steps to create a folder and modify permissions
1) Login with the user just created using an SSH Client.
2) Type: SU --login
3) Type the password of the root user
4) Change to the parent folder where you wish to make the new folder.
a. CD /parent
5) Make the folder
a. mkdir foldername
6) List the current permission
a. Ls –l
b. For information only
7) Change folder group permissions to “users”
a. Chgrp users foldername
8) Change folder permissions to allow “users” rwx (read, write, execute)
a. chmod 775 foldername
9) List the current permissions
a. Ls –l
b. Compare against previous listing.
Below is a table that can be used to translate numbers (ie 7 of 775) into permissions.
|
Number
|
Permission
|
Text Display
|
|
0
|
None
|
--
|
|
1
|
Execute
|
--x
|
|
2
|
Write
|
-w-
|
|
3
|
Write, execute
|
-wr
|
|
4
|
Read
|
r--
|
|
5
|
Read, execute
|
r-x
|
|
6
|
Read, write
|
rw-
|
|
7
|
Read, write, execute
|
rwx
|