Disabling access to a serial console
Enabled serial console access poses a security risk as attackers could gain access to your VM.
To disable access to a serial console:
- In the management console, select the folder this VM belongs to.
- Go to Compute Cloud.
- In the left-hand panel, select Virtual machines and click the name of the VM.
- Click Edit VM.
- Under Additional, disable Serial console access.
- Click Save changes.
In the VM metadata, set serial-port-enable to 0.
If you do not have the Yandex Cloud CLI yet, install and initialize it.
The folder used by default is the one specified when creating the CLI profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also specify a different folder for any command using --folder-name or --folder-id. If you access a resource by its name, the search will be limited to the default folder. If you access a resource by its ID, the search will be global, i.e., through all folders based on access permissions.
-
Get a list of VMs in the default folder:
yc compute instance listResult:
+----------------------+-----------------+---------------+---------+----------------------+ | ID | NAME | ZONE ID | STATUS | DESCRIPTION | +----------------------+-----------------+---------------+---------+----------------------+ | fhm0b28lgfp4******** | first-instance | ru-central1-a | RUNNING | my first vm via CLI | | fhm9gk85nj7g******** | second-instance | ru-central1-a | RUNNING | my second vm via CLI | +----------------------+-----------------+---------------+---------+----------------------+ -
Select the
IDorNAMEof the VM, e.g.,first-instance. -
In the VM metadata, specify
serial-port-enable=0:yc compute instance add-metadata \ --name first-instance \ --metadata serial-port-enable=0This command will disable the serial console access on the
first-instanceVM.