ESXi Shell Access

Link: https://pubs.vmware.com/ ...

An ESXi system includes a direct console that allows you to start and stop the system and to perform a limited set of maintenance and troubleshooting tasks. The direct console includes the ESXi Shell. The ESXi Shell includes a set of fully supported ESXCLI commands and a set of commands for troubleshooting and remediation. You must enable access to the ESXi Shell from the direct console of each system. You can enable access to the local ESXi Shell or access to the ESXi Shell with SSH.

ESXi Shell Local Access

The ESXi Shell is disabled by default. You can enable the ESXi Shell for troubleshooting from the direct console. All ESXCLI commands that are available in the ESXi Shell are also included in the vCLI package. Install the vCLI package or deploy the vMA virtual appliance, and run commands against your ESXi hosts, instead of running commands in the ESXi Shell itself. See Getting Started with vSphere Command-Line Interfaces.

Enabling the ESXi Shell

You can enable the ESXi Shell from the direct console and from the vSphere Client. Enabling the ESXi Shell means making it accessible as a local console available directly or over an out-of-band network.

To enable the ESXi Shell from the Direct Console

  1. Access the direct console of the ESXi host, press F2, and provide credentials when prompted.
  2. Scroll to Troubleshooting Options, and press Enter.
  3. Select Enable ESXi Shell and press Enter.
    On the left, Enable ESXi Shell changes to Disable ESXi Shell. On the right, ESXi Shell is Disabled changes to ESXi Shell is Enabled.
  4. (Optional) Configure the time-out for the ESXi Shell
    1. Select Modify ESXi Shell timeout and press Enter.
    2. Enter the time-out value in seconds and press Enter.
  5. Press Esc until you return to the main direct console screen.

You can enable the ESXi Shell from the vSphere Client.

To enable the local or remote ESXi Shell from the vSphere Client

  1. Select the host, click the Configuration tab, and click Security Profile in the Software panel.
  2. In the Services section, click Properties.
  3. Select ESXi Shell and click Options.
  4. Change the ESXi Shell options.
    To temporarily start or stop the service, click the Start or Stop button.
    To enable access permanently, click Start and stop with host. The change will take effect the next time you reboot the host.
  5. Click OK.
  6. (Optional) Configure the time-out for the ESXi Shell from the vSphere Client.
    1. In the Configuration tab’s Software panel, click Advanced Settings.
    2. In the left panel, click UserVars.
    3. Locate UserVars.ESXiShellTimeOut and enter the timeout value in minutes.
    4. Click OK.

After you have enabled the ESXi Shell, you can use it from that monitor or through an out-of-band network connection.

Accessing the ESXi Shell with the Direct Console

After you enable ESXi Shell access, you can access the local shell.

To access the local ESXi Shell

  1. At the main direct console screen, press Alt-F1 to open a virtual console window to the host.
  2. Provide credentials when prompted.
    When you type the password, characters are not displayed on the console.
  3. To log out, type exit in the shell.
  4. To return to the direct console, press Alt-F2.

Setting ESXi Shell Timeout

The ESXi Shell timeout setting specifies how long you can leave an unused session open. By default, the timeout for the ESXi Shell is 0, which means the session remains open even if it is unused. If you change the timeout, for example, to 30 minutes, you have to log in again after the timeout period has elapsed. The unit of measurement for the timeout is seconds in the ESXi Shell and minutes in the vSphere Client.


Note: If you are logged in when the timeout period elapses, your session will persist. However, the ESXi Shell will be disabled, preventing other users from logging in.


You can modify the timeout from the Direct Console (in seconds) or from the vSphere Client (in minutes).

To modify the ESXi Shell Timeout

  • In the Direct Console, follow these steps.
    1. Select Modify ESXi Shell timeout and press Enter.
    2. Enter the time-out value in seconds and press Enter.
  • In the vSphere Client, follow these steps.
    1. In the Configuration tab’s Software panel, click Advanced Settings.
    2. In the left panel, click UserVars.
    3. Locate UserVars.ESXiShellTimeOut and enter the timeout value in minutes.
    4. Click OK.

Remote Access to ESXi Shell Using SSH

If Secure Shell is enabled for the ESXi Shell, you can run shell commands by using a Secure Shell client such as SSH or PuTTY.

Enabling SSH for the ESXi Shell

By default, you cannot access the ESXi Shell using a Secure Shell client. You can enable SSH access from the direct console.

To enable SSH access in the direct console

  1. At the direct console of the ESXi host, press F2 and provide credentials when prompted.
  2. Scroll to Troubleshooting Options, and press Enter.
  3. Select Enable SSH and press Enter once.
    On the left, Enable SSH changes to Disable SSH. On the right, SSH is Disabled changes to SSH is Enabled.
  4. Press Esc until you return to the main direct console screen.

You can enable remote command execution from the vSphere Client.

To enable SSH from the vSphere Client

  1. Select the host and click the Configuration tab.
  2. Click Security Profile in the Software panel.
  3. In the Services section, click Properties.
  4. Select SSH and click Options.
  5. Change the SSH options.
    1. To temporarily start or stop the service, click the Start or Stop button.
    2. To enable SSH permanently, click Start and stop with host. The change takes effect the next time you reboot the host.
  6. Click OK.

After you have enabled SSH, you can use an SSH client to log in to the ESXi Shell and run ESXi Shell commands.

Accessing the ESXi Shell with SSH

If SSH is enabled on your ESXi host, you can use an SSH client to run commands on that shell.

To access the ESXi Shell with SSH

  1. Open an SSH client.
  2. Specify the IP address or domain name of the ESXi host.
    Precise directions vary depending on the SSH client you use. See vendor documentation and support.
  3. Provide credentials when prompted.

ESXi Shell Commands

The ESXi Shell includes several sets of commands.

ESXi Shell Commands

Command SetDescription
ESXCLI commandsA large set of new ESXCLI commands supports many administrative tasks. The commands are fully supported and tested by VMware and include command-line help. See Getting Started with vSphere Command-Line Interfaces.
esxcfg- commandsThe esxcfg- commands available in the service console are deprecated. The commands will be removed from the ESXi Shell in a future release. See Reference to Replacements for Service Console Commands.
POSIX-like commandsSee Shell Commands.
localcli commandsSet of troubleshooting commands for use with VMware Technical Support. localcli commands are equivalent to ESXCLI commands but bypass the host daemon (hostd).
Warning: localcli commands are only for situations when hostd is unavailable and cannot be restarted. After you run a localcli command, you must restart hostd. Using localcli commands in other situations is not supported. An inconsistent system state and potential failure can result.

ESXCLI Commands

The ESXi Shell in ESXi 5.0 includes a large set of new ESXCLI namespaces and commands. The complete ESXCLI command set is also part of the vCLI package. The ESXCLI command syntax in ESXi 5.0 is more flexible than the syntax in ESXi 4.x and supports multiple namespaces.

  esxcli [dispatch_option] <namespace> [namespace, ...] <cmd> [cmd_options]

Each command can use an arbitrary number of namespaces, and different commands have a different number of elements. All commands have also been reviewed for consistency and most commands have been renamed. For example:

  • Each get command returns single values.
    esxcli hardware memory get
  • The list commands are used for multiple return values.
    esxcli hardware cpu list

Many commands have options. Use an equal sign or a space between the option and the option value.

esxcli filesystem nfs add –host=<host_name> –share=<share_name> –volume=<volume_name>

esxcli filesystem nfs add –host <host_name> –share <share_name> –volume <volume_name>


Important For a complete list of ESXCLI commands, see the vSphere Command-Line Interface Reference. The vSphere Command-Line Interface Concepts and Examples document illustrates how to perform common tasks with ESXCLI or vicfg- commands.


Shell Commands

In contrast to VMware ESX, VMware ESXi does not include a console OS with a large set of shell commands and other software. However, a small set of shell commands is available in the ESXi Shell.


Important The commands are not tested or supported by VMware. Use VMware commands such as ESXCLI, vicfg- commands, and so on, instead.


You can see a list of commands in /usr/bin. When you list the commands with ls -al, notice that several of the utilities are redirected to commands appropriate in the vSphere environment. The following commands produce different results than typical shell commands.

* Several commands are redirected to vmkvsitools.

Important vmkvsitools is intended for use with VMware Technical Support. Do not use vmkvsitools to manage your system.

* Ping commands are redirected to ''vmkping''.
* Some additional commands are available in the ESXi Shell for certain troubleshooting tasks. Use these commands when instructed by a VMware Knowledge Base article or VMware Technical Support staff.
* User management commands are deprecated.

Go to /usr/bin and run ls -al to see a complete list.


Last modified:: 2016/03/19 16:03