Disabling access to a serial console
Written by
Updated at March 6, 2025
Enabled serial console access poses a security risk as attackers could gain access to your VM.
To disable access to a serial console:
Management console
CLI
- In the management console, select the folder the VM belongs to.
- Select Compute Cloud.
- In the left-hand panel, select Virtual machines and click the name of the VM.
- Click Edit VM.
- Under Additional, disable Access to serial console.
- Click Save changes.
In the VM metadata, set serial-port-enable to 0.
If you do not have the Yandex Cloud CLI yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder through the --folder-name or --folder-id parameter.
-
Get a list of VMs in the default folder:
yc compute instance listResult:
+----------------------+-----------------+---------------+---------+----------------------+ | ID | NAME | ZONE ID | STATUS | DESCRIPTION | +----------------------+-----------------+---------------+---------+----------------------+ | fhm0b28lgfp4******** | first-instance | ru-central1-a | RUNNING | my first vm via CLI | | fhm9gk85nj7g******** | second-instance | ru-central1-a | RUNNING | my second vm via CLI | +----------------------+-----------------+---------------+---------+----------------------+ -
Select
IDorNAMEof the VM, e.g.,first-instance. -
In the VM metadata, specify
serial-port-enable=0:yc compute instance add-metadata \ --name first-instance \ --metadata serial-port-enable=0This command will disable the serial console access on the
first-instanceVM.