ESXi: esxi-8.ssh-idle-timeout-count

Information

The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions. System services must be hardened and secured when enabled. The timeout count, multiplied by the idle timeout interval, is the total number of seconds the session may be idle until it is disconnected.

Solution

$ESXcli = Get-EsxCli -VMHost $ESXi -V2
$arguments = $ESXcli.system.ssh.server.config.set.CreateArgs()
$arguments.keyword = 'clientalivecountmax'
$arguments.value = '3'
$ESXcli.system.ssh.server.config.set.Invoke($arguments)

See Also

https://github.com/vmware/vcf-security-and-compliance-guidelines/raw/refs/heads/main/security-configuration-hardening-guide/vsphere/8.0/