Symptoms
- Stopping SSH services on a ESXi host using the vSphere Client fails
- Disabling SSH service on an ESXi 5.1 using the vSphere Client fails
- You see the error:
Cannot change the host configuration. - The SSH service continues to allow new login attempts despite the error
- The error appears intermittently and you may be able to stop the services if you retry
Resolution
To work around this issue:
Note: This workaround is provided with no warranty and is experimental. Ensure that you back up any files prior to making changes.
- SSH into the ESXi 5.1 host.
- Navigate to the service directory:
cd etc/vmware/service/ - Back up the
service.xmlfile prior to making changes:cp service.xml service.xml.backup - Edit the
service.xmlfile using a text editor. For more information, see Editing files on an ESX host using vi or nano (1020302). - Locate the entry <
ruleset>sshServer</ruleset>, and delete this line from theservice.xmlfile. - Save and close the file.
- Refresh the networking settings by running the command:
esxcli network firewall refresh - Exit the SSH session.
- In the vSphere Client, select the ESXi host, go to Configuration > Security Profile, and click Refresh in the Firewall section.
You should now able to disable SSH and the firewall rule should also be disabled.
Note: If your problem still exists after trying the steps in this article, file a support request with VMware Support and note this Knowledge Base article ID (2037544) in the problem description. For more information, see How to Submit a Support Request.
Source:-
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2037544
No comments:
Post a Comment