Disabling access to a serial console
Written by
Updated at March 6, 2025
Enabled serial console access poses a security risk as attackers could gain access to your VM.
To disable access to a serial console:
Management console
CLI
- In the management console
, select the folder the VM belongs to. - Select Compute Cloud.
- In the left-hand panel, select
Virtual machines and click the name of the VM. - Click
Edit VM. - Under Additional, disable Access to serial console.
- Click Save changes.
In the VM metadata, set serial-port-enable
to 0
.
If you do not have the Yandex Cloud CLI yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder through the --folder-name
or --folder-id
parameter.
-
Get a list of VMs in the default folder:
yc compute instance list
Result:
+----------------------+-----------------+---------------+---------+----------------------+ | ID | NAME | ZONE ID | STATUS | DESCRIPTION | +----------------------+-----------------+---------------+---------+----------------------+ | fhm0b28lgfp4******** | first-instance | ru-central1-a | RUNNING | my first vm via CLI | | fhm9gk85nj7g******** | second-instance | ru-central1-a | RUNNING | my second vm via CLI | +----------------------+-----------------+---------------+---------+----------------------+
-
Select
ID
orNAME
of the VM, e.g.,first-instance
. -
In the VM metadata, specify
serial-port-enable=0
:yc compute instance add-metadata \ --name first-instance \ --metadata serial-port-enable=0
This command will disable the serial console access on the
first-instance
VM.