
ESXi cannot ssh with root or other admin account

  • 1.  ESXi cannot ssh with root or other admin account

    Posted Jan 27, 2022 03:33 AM

    Hello All,

    Here is a problem that needs your comments.

    ESXi 6.7, managed by VCSA 6.7.

    The ESXi host web client can be logged in to with root and other admin users; all of the users are local.

    The DCUI can be logged in to with root and other users,

    but SSH to the host with root or other users shows access denied, and the ESXi Shell does as well.

    SSH and the shell are both enabled in the DCUI.

    I checked auth.log:

    2022-01-26T08:48:13Z sshd[2467219]: FIPS mode initialized
    2022-01-26T08:48:13Z sshd[2467219]: Connection from XXXX port 10863
    2022-01-26T08:48:14Z sshd[2467221]: pam_access(sshd:auth): access denied for user `admin' from `XXXX'
    2022-01-26T08:48:21Z sshd[2467219]: error: PAM: Permission denied for admin from XXXX
    2022-01-26T08:48:21Z sshd[2467222]: pam_access(sshd:auth): access denied for user `admin' from `XXXXX'
    2022-01-26T08:48:31Z sshd[2467219]: Connection closed by authenticating user admin XXXX port 10863 [preauth]
    2022-01-26T08:48:33Z sshd[2467223]: /etc/ssh/sshd_config line 24: Unsupported option PrintLastLog
    2022-01-26T08:48:33Z sshd[2467223]: FIPS mode initialized
    2022-01-26T08:48:33Z sshd[2467223]: Connection from XXXX port 10875
    2022-01-26T08:48:33Z sshd[2467225]: pam_access(sshd:auth): access denied for user `admin' from `XXXX'

    2022-01-26T08:48:45Z sshd[2467245]: pam_access(sshd:auth): access denied for user `root' from `XXXX'
    2022-01-26T08:48:55Z sshd[2467243]: error: PAM: Permission denied for root from XXXXX
    2022-01-26T08:48:55Z sshd[2467259]: pam_access(sshd:auth): access denied for user `root' from `XXXX'
    2022-01-26T08:48:56Z sshd[2467243]: Connection closed by authenticating user rootXXXXX port 10888 [preauth]
    2022-01-26T08:48:34Z sshd[2467223]: Connection closed by authenticating user admin XXXX port 10875 [preauth]
    2022-01-26T08:48:45Z sshd[2467243]: /etc/ssh/sshd_config line 24: Unsupported option PrintLastLog
    2022-01-26T08:48:45Z sshd[2467243]: FIPS mode initialized
    2022-01-26T08:48:45Z sshd[2467243]: Connection from XXXX port 10888

    The management agent was already restarted, but it is still the same.

    I assumed that root is locked, but if root were locked, the web client login should not work either.

    I have gone through lots of documents, but I have no idea, since the Shell cannot be logged in to either.

    Any idea how to get the /etc/security/access.conf information and edit it without logging in to the shell?

    Thanks.
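
An added example, not part of the original post: a small Python parser that runs over lines copied from the auth.log excerpt above and counts, per user, the denials logged by the pam_access module separately from sshd's own PAM error lines, and collects sshd_config warnings. The function and variable names are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Lines copied from the auth.log excerpt in the post (addresses already redacted there).
SAMPLE_LOG = """\
2022-01-26T08:48:13Z sshd[2467219]: Connection from XXXX port 10863
2022-01-26T08:48:14Z sshd[2467221]: pam_access(sshd:auth): access denied for user `admin' from `XXXX'
2022-01-26T08:48:21Z sshd[2467219]: error: PAM: Permission denied for admin from XXXX
2022-01-26T08:48:33Z sshd[2467223]: /etc/ssh/sshd_config line 24: Unsupported option PrintLastLog
2022-01-26T08:48:45Z sshd[2467245]: pam_access(sshd:auth): access denied for user `root' from `XXXX'
2022-01-26T08:48:55Z sshd[2467243]: error: PAM: Permission denied for root from XXXXX
2022-01-26T08:48:55Z sshd[2467259]: pam_access(sshd:auth): access denied for user `root' from `XXXX'
"""

LINE = re.compile(r"^(?P<ts>\S+) sshd\[(?P<pid>\d+)\]: (?P<msg>.*)$")
# Denial written by the pam_access module itself (access-rule decision).
PAM_ACCESS = re.compile(
    r"^pam_access\([^:]+:\w+\): access denied for user `(?P<user>[^']*)' from `[^']*'")
# sshd's report that the PAM stack as a whole refused the user.
PAM_ERROR = re.compile(r"^error: PAM: (?P<reason>.+?) for (?P<user>\S+) from \S+$")
# sshd complaining about an option it does not understand.
BAD_OPTION = re.compile(r"^(?P<file>\S+) line (?P<line>\d+): Unsupported option (?P<opt>\S+)$")


def summarize(text):
    """Return (per-user denial counts by source, sorted sshd_config warnings)."""
    denials = defaultdict(lambda: {"pam_access": 0, "pam_error": 0})
    warnings = set()
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or non-sshd line
        msg = m.group("msg")
        if (a := PAM_ACCESS.match(msg)):
            denials[a.group("user")]["pam_access"] += 1
        elif (e := PAM_ERROR.match(msg)):
            denials[e.group("user")]["pam_error"] += 1
        elif (b := BAD_OPTION.match(msg)):
            warnings.add((b.group("file"), int(b.group("line")), b.group("opt")))
    return dict(denials), sorted(warnings)


if __name__ == "__main__":
    per_user, cfg = summarize(SAMPLE_LOG)
    for user, c in sorted(per_user.items()):
        print(f"{user}: pam_access denials={c['pam_access']}, sshd PAM errors={c['pam_error']}")
    for path, line, opt in cfg:
        print(f"config warning: {path}:{line} unsupported option {opt}")
```
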