After enabling Local Tech Support Mode on an ESXi host via the DCUI (Direct Console User Interface), a yellow balloon styled warning will be displayed in the vSphere Client:
The Local Tech Support Mode for the host has been enabled
Likewise, if you’ve enabled Remote Tech Support Mode via SSH, you’ll see:
Remote Tech Support Mode(SSH) for the host has been enabled
KB Article 1016205 describes this condition as a security measure. Adhering to the warnings would be a best practice for a production or high risk environment. However, for lab, development, or environments with adequate perimeter security, it may be desirable to have either or both modes enabled but the warnings throughout the vSphere Client aren’t welcomed.
The VMware KB article goes on to say that there is no way to eliminate the warnings while leaving Local or Remote Tech Support Mode enabled.
Disabling Remote Tech Support Mode (SSH) and Local Tech Support Mode is the only way to prevent this warning.
While there may not be be an advanced configuration exposed, rebooting the host eliminates the conditional warnings. It has also been reported in the VMware community forums that restarting the hostd service also works as follows, but as a side effect, will likely and temporarily disconnect the host from a vCenter Server:
/etc/init.d/hostd restart
I always wondered what would happen if I accidentally hit the publish button while writing a post… 🙂
Log into the console and restart the management agents under Troubleshooting Mode Options.
I thought it was weird post :-).
Unfortunately, the warning message DOES NOT go away after installing ESXi 4.1 update 2. You can reboot the host as often as you like, the security issue message remains. 🙁
Thomas – you may be right about the warning persisting after a reboot of a host (in 4.1 U 2)… but there is a new option that you can switch this thing off.
Host – configuration – software – advanced settings – UserVars – scroll down, find the option for “SuppressSShellWarning” which is “Enable or Disable the Tech Support Mode warning”.
Looks like VMware has seen the validity of looking at it both ways. Some clients are using hosted ESXi servers and do not have a physical console (DCUI – KVM) and only have limited access to an iLO console. Those guys NEED the SSH access.