Goodmorning everyone,
I am writing to report abnormal behavior of my ESXi version 6.0 U2 servers
The computer problem is simple but quite annoying (and dangerous), it is access through vSphere interface on Windows clients.
When I try to access it from my computer with the vpshere client (he also upgraded to the latest version) is returned to me the message "can not complete two login to an incorrect username or password"
The credentials used to access are correct but the system seems not transpose correctly.
If I enable SSH password it is not recognized, however, and the error is the same.
I read the guide to the errors:
but I do not find resolution to my problem.
Vmware server has no special configuration and use the classic root account, yesterday I upgraded from 6 to 6 U2 but it has not changed
Mysteriously after a few hours you unlock the interface and the login is completed without errors
You can guide me to the resolution?
Many thanks
Francesco
Hi Andreas,
meanwhile, thanks for the warm bevenuto the forum, it is a pleasure to meet and talk to you about topics that fascinate us and make us work and sweat a lot 
I actually checked the parameter that indicavi and I think you did the center.
I have some doubts, however, about, I'll explain the situation:
- My esxi is not accessible directly from the outside, for obvious safety reasons,
- In the internal network is installed and configured a backup system (Nakivo http://www.nakivo.com/) that performs constant bailouts of all the VM machines on my 6.0 U2
- Access through the latter program is via SSH and root account
- I access my vsphere also using the user root
My questions at this point are:
- Why the account is locked for X seconds if the passwords entered are correct? In this case there are no attempts failed login (the password that I enter is correct)
- We have other installations, very similar. At other clients (at least 5). Esxi same version of the same backup system, same configuration with ssh access by the root user. In these cases, however, I have never encountered similar cases. I am puzzled
Do you think the nakivo freezes somehow the SSH connection, and therefore the user its root?
Maybe I can get it to connect via SSH with a different user created specifically?
Or should modify only on the parameters that you specified in the previous post?
I think we are getting closer to the solution
I attach a screenshot of my situation on the log, you see there are many blocked access and also to other types that do not recognize (Java ??)
Thank you for the valuable support
Francesco
Hello friends,
I think I found the guilty
Incorrect configuration (and dangerous) on the firewall that was previously created and never modified
Basically a rule that opened the SSH port 22 was active towards the internet, so horde of connections attempted to authenticate (I assume in brute force) via SSH on vmware with root account.
Consequently ESX blocked the root user
I realized it was the fault of the door open ssh consulting the authentication log on the web vpshere interface. They could see a lot of external ip attempting to authenticate ... ARGH!
It was easier than I imagined
Keep monitored the situation but I think I came to the solution
Thank you all for the valuable support, we surely will write again !!
Francesco