Comments 7

    1. Post
      Author

      Well it depends on what you mean by safe. Technically, it is safe. There are only two possible values for this setting, 0 and 1 with 0 being the default. When set to 0 a warning (yellow exlamation mark) on your host will always be displayed when you have SSH enabled. When set to 1 the warning is not displayed if you have SSH enabled.

      Now from a policy perspecitive, your company may want to know when SSH is enabled on your hosts, so disabling the warning may violate your companies’ policies.

  1. Yep this is a cool thing to use when working on a test or a home lab but it will be a risk if you apply this in a live/ production envirement.
    nice shot anyway.

    1. Post
      Author

      IMO there is no risk to running this in a production environment. All it is doing is getting a list of ESXi hosts connected to your vCenter server and then changing one advanced setting on each host. This setting either displays a warning (or doesn’t) when SSH is enabled on a host, nothing else.

  2. I agree that the security risk is minimal for enabling SSH.

    also i think are slowing this command down a lot. the connection only needs to happen once

    connect-viserver
    get-vmhost | Set-VMHostAdvancedConfiguration UserVars.SuppressShellWarning 1

    thats all you need. Thakns for the post

    1. Post
      Author

      Thanks for the comment Justin. You are correct, doing it that way is more efficient and does work. I’ve had issues in the past with some per-vmhost advanced settings and root password changes and had to work around them by individually connecting to each host, although in this case it appears that the workaround isn’t warranted. I’ll update the code.

  3. I just wanted to add that the UserVars.SuppressShellWarning seems to be case sensitive. My first attempts failed with an exceeding shell warning error.

Leave a Reply to jcoen Cancel reply

Your email address will not be published. Required fields are marked *

*