Disabling access to the serial console
Serial console access is not secure, so enabling it might allow hackers to access your VM.
To disable access to the serial console, set the serial-port-enable
parameter in the virtual machine metadata to 0
.
If you don't have the Yandex.Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
Get a list of VMs in the default folder:
$ yc compute instance list +----------------------+-----------------+---------------+---------+----------------------+ | ID | NAME | ZONE ID | STATUS | DESCRIPTION | +----------------------+-----------------+---------------+---------+----------------------+ | fhm0b28lgfp4tkoa3jl6 | first-instance | ru-central1-a | RUNNING | my first vm via CLI | | fhm9gk85nj7gcoji2f8s | second-instance | ru-central1-a | RUNNING | my second vm via CLI | +----------------------+-----------------+---------------+---------+----------------------+
-
Select the
ID
orNAME
of the VM (for example,first-instance
). -
Set the
serial-port-enable=0
parameter in the VM metadata:$ yc compute instance add-metadata \ --name first-instance \ --metadata serial-port-enable=0
This command will start the operation to deactivate the serial console on the VM named
first-instance
.