Hi all
It seems that authentication only requires the first 8 characters to be correct. My root password is 11 characters long, but so long as the first 8 characters are correct, I can put whatever I like after that and it still authenticates me. Tested this on three ESXi boxes, all running 260247 (release)
It works (so far) on Local tech support login, and when adding host to vCenter inventory. Have not tested with ESX
Is this normal?
No I did not
Maish - VCP - vExpert 2010
VMware Communities User Moderator
Virtualization Architect & Systems Administrator
I installed a copy of build 260247 in Workstation with a 10 digit password. I can reproduce the same results.
As long as the first 8 characters are correct I can enter only the 8 or anything after the 8 and it will accept it and log me in.
VMware VCP - Consider awarding points for "helpful" and/or "correct" answers.
I confirm the issue with ESXi4.1.0 fresh or upgrade from ESXi4.0.
The workaround would be:
1- vi /etc/pam.d/system-auth and change this line accordingly:
password sufficient /lib/security/$ISA/pam_unix.so use_authtok nullok md5 shadow
save and exit the file with :wq!
2- change your password in DCUI,
3- verify that it has encrypted your root’s password using MD5 algorithm: cat /etc/shadow <- If root’s password hash starts with a ‘$1$‘ then MD5 algorithm was used.
N.B. Don't do that in a production environment!
Read more at deinoscloud.wordpress.com
I wish I was a virtual machine
http://deinoscloud.wordpress.com
thanks for sharing the tips in how to make it secure, however, may i know why you' suggesting "Don't do that in a production environment" ?
In general when you access tech support mode you should do under the guidance of VMware support. For this issue the "supported" change is documented here - http://kb.vmware.com/kb/1024500.
Dave
VMware Communities User Moderator
Now available - vSphere Quick Start Guide
Do you have a system or PCI card working with VMDirectPath? Submit your specs to the Unofficial VMDirectPath HCL.
Patch was released today
New Patch released - VMSA-2010-0016
Maish
VMware Communities User Moderator
- @maishsk