To SSH or not to SSH — Either way, there is a script!

I’ve had scripts in the past for enabling SSH on all of my VMware Hosts, but recently had a PCI Audit come through requesting that I disable SSH on all hosts in my PCI environment.  Well, that was something I hadn’t done before, but I knew it wouldn’t take long to “reverse engineer” my “enable SSH script” and make a “disable SSH script.”

Below are the different scripts I used for my different environments, and I hope you find them useful.  In the “enable SSH script” it will not only enable SSH, but will also change the default Startup Policy for SSH to “start and stop with the host”…additionally, it suppresses the shell warning you normally see when SSH is enabled on a Host.

In the “disable SSH script” it disables SSH and changes the default Startup Policy back to “start and stop manually.”  Each script is written to function at the Cluster Level in VMware, but you can easily modify it to focus on larger or smaller portions of your environment as needed.

Without further ado, here are the scripts….

Script for Enabling SSH

 

Script to Disable SSH