Hi All,
Is there a way to disable the weak ciphers on ESXi using PowerCLI ?
I see that manually, we can edit the sshd_config file to remove the ciphers from the cipher list. However, if we have to automate the process , is there a way in PowerCLI to do this ?
I tried this : https://www.shogan.co.uk/vmware/using-plink-to-modify-esxi-host-configuration-files-via-ssh-from-a-powercli-script/
==========================
$Server = Read-Host -Prompt 'Input your server IP/FQDN'
$User = Read-Host -Prompt 'Input the user name'
$Password = Read-Host -Prompt 'Input password'
$vmhostName = Read-Host -Prompt 'Input ESXi name'
#Connect to server
Connect-VIServer -Server $Server -User $User -Password $Password
#getting host object
$esxhost = Get-VMHost -Name $vmhostName
#check status of SSH servcie, start if it is not running
$sshService = Get-VmHostService -VMHost $esxhost | Where { $_.Key -eq “TSM-SSH”}
if(!$sshService.Running.Equals("True"))
{
Write-Host "Starting the SSH service"
Start-VMHostService -HostService $sshService -Confirm:$false
}
cmd /c "C:\Stuff\plink.exe -ssh -pw VMware123! -noagent -m C:\Stuff\commands.txt root@esxi-1.gsslabs.org > C:\Stuff\output.txt 2> C:\Stuff\error.txt"
====================
However this doesn't seem to work. Any suggestions are appreciated.