Copy Files between vmware ESXi Hosts by using SCP

scp command allows files to be copied between two vmware ESXi hosts. It uses SSH for data transfer and provides the same authentication and level of security as SSH.

In this blog post, we will see how to copy files between vmware ESXi hosts by usng SCP. We will also see how to fix below error during the copy process.

“rekeyed outbound cipher” “rekeyed inbound cipher” and copy process is getting stalled.

Steps to copy files between ESXi hosts using SCP

  1. First make sure the Port 22 is open between source and destination ESXi host. To test port 22 from source or destination, you can follow below steps:
  • Connect to Source ESXi Host using Putty. Open Putty -> Type the IP Address of ESXi Host and connect on port 22 to open the shell. Login using root or admin account.
  • Use the command nc -z <destination esxi host ip> <destination port number>. For example if the destination ESXi host is 10.20.88.4 then use command nc -z 10.20.88.4 22 to check if port 22 is opened. You should see a succeeded ! message if the port is opened.
nc -z 10.20.88.4 22
Test Port 22 from vmware ESXi host using nc command
  1. On source and destination ESXi hosts make sure TSM-SSH Service is in Running State. To check if this running, follow below steps:
  • Launch vmware ESXi management portal.
  • Click on Manage on the left hand side.
  • Click on Services tab.
  • Fing TSM-SSH service from the list and make sure the status is showing as Running.
Verify if TSM-SSH Service is running on vmware ESXi host
Verify if TSM-SSH Service is running on vmware ESXi host
  1. Make sure SSH Client in ESXi Networking Firewall rules is Enabled on both source and destination ESXi hosts. To check if this SSH Client is enabled, follow below steps:
  • Launch vmware ESXi management portal.
  • Click on Networking on the left hand side.
  • Click on Firewall rules tab.
  • Click on SSH Client and then Click on Actions.
  • Click on Enable to enable SSH Client.
Enable SSH on ESXi Hosts
  1. Copy files between two Esxi hosts using SCP Command.

scp <source file or folder path> root@<destination esxi hostname or IP>:<destination folder path>

Example

scp /vmfs/volumes/datastore1/server1/* [email protected]:/vmfs/volumes/LocalDataStore/server1
Copy files between two Esxi hosts using SCP Command
Example of scp command

“rekeyed outbound cipher” “rekeyed inbound cipher” and copy process is getting stalled error

After you run scp command to copy the data across to destination ESXi. You may get messages like “rekeyed outbound cipher” “rekeyed inbound cipher” with stalled status.

Below is a screenshot of the stalled error message.

rekeyed outbound cipher rekeyed inbound cipher copy process is getting stalled
copy process is getting stalled error

Despite the stalled error, It may keep on trying to copy the files and you will get rekeyed outbound cipher and rekeyed inbound cipher message repeatedly. Below is the screenshot which shows the error message.

rekeyed outbound cipher rekeyed inbound cipher copy process is getting stalled
“rekeyed outbound cipher” “rekeyed inbound cipher”

The workaround is to use the -l switch of the command and throttle the bandwidth. You can adjust the value of -l switch according to your requirement. You can start with higher value and keep on throttling / lowering the value till you find its running successfully without any issues.

-l limit – Limits the used bandwidth, specified in Kbit/s.

1 MB/s = 8192 Kbit/s.

scp -l 8192 /vmfs/volumes/datastore1/server1/* [email protected]:/vmfs/volumes/LocalDataStore/server1

Below is the screenshot of the scp command with -l switch. It does not show stalled error message any more and data is being between two vmware ESXi hosts successfully.

rekeyed outbound cipher rekeyed inbound cipher copy process is getting stalled
Copy process is getting stalled error fixed

Conclusion

In this blog post, we have seen how to copy files between two vmware ESXi hosts using SCP command. Also, if you get stalled error message during the copy process you can fix it by limiting the bandwidth for the copy operation using -l switch. This should fix this issue and copy the data between two ESXi hosts.

1 thought on “Copy Files between vmware ESXi Hosts by using SCP”

  1. While using rsync on ESXi 7 to copy files and directories from one ESXi datastore to another remote ESXi datastore, the screen fills with “rekeyed outbound cipher rekeyed inbound cipher” messages about every 10 seconds. There is a way to fix this.

    There is a setting in /etc/ssh/sshd_config that I commented out and changed to RekeyLimit default none.

    # vPP FCS_SSH_EXT.1.7: rekey after 1GB, 1H (instead of default 4GB for AES)
    RekeyLimit default none
    #RekeyLimit 1G, 1H
    Restart the service on the target ESXi.

    /etc/init.d/SSH restart
    Stop the rsync from the source ESXi and restart it. No more messages.

    What is the rekeylimit?

    Reply

Leave a Comment