Configure passwordless authentication for ESXi – connect with publickey/privatekey

If you try to setup passwordless authentication for a Linux machine on your ESXi host and follow the same procedure that you would follow for a simple Linux box, the result will be a failure.

Normally you should do

ssh-keygen 

to create your pub, private keys and then

ssh-copy-id root@esxihost

to copy your keys on the esxi host. However this will not work and an additional step is required.

You should copy by your own the public key of your Linux machine to the ESXi host.

First of all enable ssh on the host and connect to the host.

The go to esxi and copy your public key under /etc/ssh/keys-root on authorized_keys. Keep in mind that permissions of this file should not be changed, otherwise it will not work.

After those actions you will be able to login passwordless on your esxi.

Update standalone ESXi host with esxcli

There are multiple ways available to patch a VMware Infrastructure. Two of the very common ones are through Update Manager or esxcli.

Update Manager enables centralized, automated patch and version management for VMware vSphere and offers support for VMware ESXi hosts, and virtual machines. Unfortunately it is available only on vCenter deployments and you cannot use it on standalone hosts.

When you need to update a standalone host you can follow the procedure described below.

In my case I wanted to patch an ESXi host from 6.7 Build 8941472 to 6.7 Build 9484548.

First you download the patch definitions from VMware site. In my case I needed to download the below bundle package:

Then, the package should be uploaded to the local or any available datastore so that host can access it. Also ssh should be enabled so that one can connect on the host with root account.

file upload can be performed from the available esx host GUI

change directory and find the location of the file

Lastly execute the below command, and reboot the host

esxcli software vib update --depot filePath

The version available after the reboot, should be the new one