Disabling access to the serial console

    Serial console access is not secure, so enabling it might allow hackers to access your VM.

    To disable access to the serial console, set the serial-port-enable parameter in the virtual machine metadata to 0.

    If you don't have the Yandex.Cloud command line interface yet, install it.

    The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

    1. Get a list of VMs in the default folder:

      $ yc compute instance list
      |          ID          |       NAME      |    ZONE ID    | STATUS  |     DESCRIPTION      |
      | fhm0b28lgfp4tkoa3jl6 | first-instance  | ru-central1-a | RUNNING | my first vm via CLI  |
      | fhm9gk85nj7gcoji2f8s | second-instance | ru-central1-a | RUNNING | my second vm via CLI |
    2. Select the ID or NAME of the VM (for example, first-instance).

    3. Set the serial-port-enable=0 parameter in the VM metadata:

      $ yc compute instance add-metadata \
          --name first-instance \
          --metadata serial-port-enable=0

      This command will start the operation to deactivate the serial console on the VM named first-instance.