«

»

Sep 01

VMworld vBrownBag Tech Talk: Managing ESXi SSH Service with PowerCLI

Yesterday I did my first vBrownBag Tech Talk at VMworld. I was a bit nervous for sure and ended up being a little bit short on content (I talk a bit fast when I get nervous). Anyway I think it still went OK and I enjoyed giving it a shot.

The talk was on using PowerCLI to manage SSH. Specifically about using PowerCLI to report on the status of the SSH Service on ESXi host (is it running, what is the policy set for), updating the policy (Start and Stop with Host, Manual, Automatic), stopping and starting the SSH on ESXi hosts, and configuring the firewall for the SSH service to limit access to the service.

The slide deck from the talk can be found here: vBrownBag-TechTalk-ManagingSSH

Here is a short recording from the talk:

I also talked a bit about a script I put together as an example to toggle (start or stop) the SSH service on all hosts in vCenter inventory.

This afternoon at 5:00 PM PDT I am giving another vBrownBag Tech Talk on Managing vCenter Roles and Permissions using PowerCLI. Stop by the hang space or watch the live stream here: http://professionalvmware.com/brownbags/vbrownbags-live/

The script can be found here https://github.com/herseyc/PowerCLI-Scripts/blob/master/togglessh.ps1 but I have also included it below:

#######################################
# PowerCLI to start|stop TSM-SSH Service on all ESXi hosts in vCenter Inventory
# 
# Script: togglessh.ps1
# Usage: togglessh.ps1 (start|stop)
#
# History:
# 8/15/2015 - Hersey http://www.vhersey.com/ - Created
#
###############VARIABLES###############
# vCenter Server IP or FQDN
$vcenter = "192.168.1.27"
##############NO CHANGES BEYOND THIS POINT##############
#Get the commnad line arguments
$state = $args

#Make sure start or stop was passed as command line argument
if ($state -eq "start" -or $state -eq "stop") {
  #Connect to vCenter Server - Will prompt for username and password
  Write-Host "Connecting to vCenter at $vcenter"
  Connect-VIServer $vcenter | Out-Null

  Write-Host "$state TSM-SSH Service on all hosts in vCenter Inventory"

  #Get all hosts in vCenter Inventory
  $vmhosts = Get-VMHost

  foreach ($vmhost in $vmhosts) {

    if ($state -eq "start") {
      Write-Host "Starting TSM-SSH Service on $vmhost"
      Get-VMHostService -VMHost $vmhost | Where {$_.Key -eq "TSM-SSH"} | Start-VMHostService -Confirm:$false | Out-Null
    }  

    if ($state -eq "stop") {
      Write-Host "Stopping TSM-SSH Service on $vmhost"
      $stopping = Get-VMHostService -VMHost $vmhost | Where {$_.Key -eq "TSM-SSH"} | Stop-VMHostService -Confirm:$false | Out-Null
    }

  $running = (get-vmhost -Name 192.168.1.25 | Get-VMHostService | Where {$_.Key -eq "TSM-SSH"}).Running
  Write-Host "TSM-SSH Service on $vmhost Running State is now: $running"

  }

  Write-Host "All Done! Disconnecting from vCenter Server"
  Disconnect-VIServer -Confirm:$false

} else {

  Write-Host "$state is not a valid argument!"
  Write-Host "Usage: togglessh.ps1 (start|stop)"
  Write-Host "Example: togglessh.ps1 start"

}

The only configuration which needs to be done is updating the $vcenter variable with the IP Address or FQDN of the vCenter Server you want to execute the script against. To run you simply run togglessh.ps1 (start|stop) to either stop or start the SSH service on all ESXi hosts managed by the vCenter.

The script will connect to vCenter using the Connect-VIServer Cmdlet and prompt you for the username and password. It will then either stop or start the SSH (TSM-SSH) Service on each host depending on the command line argument you passed to the script (start|stop).

This is just a starting point and it could be easily modified for a single host.

Thanks to the vBrownBag crew and to everyone who tuned in for the talk. There are lots of great talks vBrownBag talks going on at VMworld so be sure to stop by or watch the stream: http://professionalvmware.com/brownbags/vbrownbags-live/

Have fun!

About the author

vHersey

Hersey Cartwright is an IT professional with extensive experience designing, implementing, managing, and supporting technologies that improve business processes. Hersey is Solutions Architect for SimpliVity covering Virginia, Washington DC, and Maryland. He holds the VMware Certified Design Expert (VCDX-DV #128) certification. Hersey actively participates in the VMware community and was awarded the VMware vExpert title in 2016, 2015, 2014, 2013, and 2012. He enjoys working with, teaching, and writing about virtualization and other data center technologies. Follow Hersey on Twitter @herseyc

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

two + seven =