Disabling access to a serial console
Enabled serial console access poses a security risk as attackers could gain access to your VM.
To disable access to a serial console:
- In the management console, select the folder this VM belongs to.
- Select Compute Cloud.
- In the left-hand panel, select Virtual machines and click the name of the VM.
- Click Edit VM.
- Under Additional, disable Serial console access.
- Click Save changes.
In the VM metadata, set serial-port-enable to 0.
If you do not have the Yandex Cloud CLI installed yet, install and initialize it.
By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.
-
Get a list of VMs in the default folder:
yc compute instance listResult:
+----------------------+-----------------+---------------+---------+----------------------+ | ID | NAME | ZONE ID | STATUS | DESCRIPTION | +----------------------+-----------------+---------------+---------+----------------------+ | fhm0b28lgfp4******** | first-instance | ru-central1-a | RUNNING | my first vm via CLI | | fhm9gk85nj7g******** | second-instance | ru-central1-a | RUNNING | my second vm via CLI | +----------------------+-----------------+---------------+---------+----------------------+ -
Select the
IDorNAMEof the VM, e.g.,first-instance. -
In the VM metadata, specify
serial-port-enable=0:yc compute instance add-metadata \ --name first-instance \ --metadata serial-port-enable=0This command will disable the serial console access on the
first-instanceVM.