TerryY
Contributor

ESXi cannot ssh with root or other admin account

Hello All,

Here is a problem that needs your comments.

ESXi 6.7, managed by VCSA 6.7.

The ESXi host web client can be logged in to with root and other admin users; all of the users are local.

The DCUI can be logged in to with root and other users,

but SSH to the host with root or other users shows access denied, and the ESXi Shell does as well.

SSH and the shell are both enabled in the DCUI.

I checked auth.log:

2022-01-26T08:48:13Z sshd[2467219]: FIPS mode initialized
2022-01-26T08:48:13Z sshd[2467219]: Connection from XXXX port 10863
2022-01-26T08:48:14Z sshd[2467221]: pam_access(sshd:auth): access denied for user `admin' from `XXXX'
2022-01-26T08:48:21Z sshd[2467219]: error: PAM: Permission denied for admin from XXXX
2022-01-26T08:48:21Z sshd[2467222]: pam_access(sshd:auth): access denied for user `admin' from `XXXXX'
2022-01-26T08:48:31Z sshd[2467219]: Connection closed by authenticating user admin XXXX port 10863 [preauth]
2022-01-26T08:48:33Z sshd[2467223]: /etc/ssh/sshd_config line 24: Unsupported option PrintLastLog
2022-01-26T08:48:33Z sshd[2467223]: FIPS mode initialized
2022-01-26T08:48:33Z sshd[2467223]: Connection from XXXX port 10875
2022-01-26T08:48:33Z sshd[2467225]: pam_access(sshd:auth): access denied for user `admin' from `XXXX'

2022-01-26T08:48:45Z sshd[2467245]: pam_access(sshd:auth): access denied for user `root' from `XXXX'
2022-01-26T08:48:55Z sshd[2467243]: error: PAM: Permission denied for root from XXXXX
2022-01-26T08:48:55Z sshd[2467259]: pam_access(sshd:auth): access denied for user `root' from `XXXX'
2022-01-26T08:48:56Z sshd[2467243]: Connection closed by authenticating user rootXXXXX port 10888 [preauth]
2022-01-26T08:48:34Z sshd[2467223]: Connection closed by authenticating user admin XXXX port 10875 [preauth]
2022-01-26T08:48:45Z sshd[2467243]: /etc/ssh/sshd_config line 24: Unsupported option PrintLastLog
2022-01-26T08:48:45Z sshd[2467243]: FIPS mode initialized
2022-01-26T08:48:45Z sshd[2467243]: Connection from XXXX port 10888

The management agent has already been restarted, but it is still the same.

I assumed that root is locked, but if root is locked, the web client should not be able to log in.

I have gone through lots of documents, but I have no idea, since the Shell cannot be logged in to either.

Any idea how to get the /etc/security/access.conf information and edit it without logging in to the shell?

Thanks.
