Link to home
Start Free TrialLog in

asked on

Winscp - esxi 6.5 can't connect - what am I missing????

Hi all

Was actually trying to connect to an esxi 6.5 host via winscp. I like the idea of backing up the VMs to external air-gaped backup for the VMs

I have done this in several other installs but not sure what I could be missing here - I can't get it to connect to either one of the two hosts?

I can access each host from the same computer via browser, I enabled ssh.

Thoughts ideas as to what I may be missing and cannot connect?

Keeps looking for host an times out with.

I disabled Win 10 firewall as well for testing

User generated imageThanks guys!!!

Avatar of Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Flag of United Kingdom of Great Britain and Northern Ireland image

SSH enabled ?

Have you copied VMs before using SCP, it's very slow, and the VMs also need to be powered off.

Can you connect to the correct IP Address/FQDN you are using, using SSH/PuTTY.

You are using the correct protocol ?


Hey Andrew!
User generated image
Hey Andrew
What I was doing was a clone so I don't have to bring down the VM and then coping the clone.
Andrew - you would know this. Upon testing a restore of a vmserver (restored it to another datastore, but network disconnected, it came up perfectly BUT it said it was not activated and needed internet connectivity to activate.  In your experience, is it safe to assume, I should be able to re-activate it, if I were to bring it up with connectivity?
The protocol selected in winscp is sftp.
I am open to suggestions, just found winscp to be an easy means of doing it over the years.

Thank you so much.
If you want to do a CLONE, why not Right-Click the VM, and select CLONE ?

did you confirm you could connect with SSH ?
I do a clone and I want it air-gaped for now, until we get them to move to air-gaped backup.
I tried using putty - connection timed out...
okay, so SSH is not listening, talking or enabled.

Enable ESXi Shell, and also enable SSH, restart  those services if required.
Hey Andrew
Tried the following
User generated image
Putty set for ssh
entered ip address/open/just get this after pressing enter...
User generated image
if you telnet to port 22 on the IP Address of the ESXi server, can you confirm it's running SSH ?
Hey Andrew
User generated image
I tried using putty with ssh selected and just get back this - after pressing enter
No prompt for password etc - just a connection timed out
User generated image
and using telnet, do you get a connection to confirm if it's listening ?

telnet 22

Open in new window

this should connect, it will not show a password response, but will confirm the IP Address is listening on Port TCP 22.

it may even respond with

SSH-2.0-OpenSSH_8.1 or something similar.
Hey Andrew
User generated image
Yet this is how the services are set
User generated image
Avatar of Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial

Thank you, thank you thank you!  SSH server under firewall was not allowing connection it was enabled but from no IP addresses.
Looks good now.
You're the best!

Thanks for your kinds words!

telnet is a handy tool to have in your toolkit for testing TCP ports, to check if listening.

Glad it's fixed.

All the best

Andrew - can I ask you a question?  If I have two hosts one running 6 VMs (local storage) the other host is a hotspare, and I am simply replicating VMs via Veeam nightly, just incase of a catastrophic HW failure on host1.
I am currently replicating it nightly which takes 5 hours.

Due to concerns of Ransomware - what if I had an unmanaged switch, with a timer, so it connects for the replication window, then powers off the switch so it is air-gaped, powers up for backup window etc. Even consider making this a 3x a week event, to keep it off the network. Could this work?
Rudimentary- but perhaps safe - no?  How would VCSA react as it loses connection to the second host, or would it simply retry and reconnect?
Just trying to leverage the heck out of the second host...
Please let me know your thoughts.  
FYI - also backing up to removable disk cartridges, should be doing cloud-based backup possible Acronis for DR but that will take time to get there...
This is better being posted as a new question and myself or other experts can answer
Thank you.  Will do
I appreciate it