VMware Cloud Community
VegardK
Contributor
Contributor

vSphere Client says i have wrong password

For some unknown reason after a while I am unable to log into the vmware with vSphere Client. I get the error that I am using the wrong username or password. If i go onto the host esxi and log in with same password, then restart the managament, then all is good. I have tried searching for why this is happening, but cannot seem to figure this out.

I have also reinstalled VMware to see if that helped, but the same problem occured on that as well. On the other hand I am able to use the VMs trough TeamViewer when not beeing able to use vSpehere Client.

Anyone with an idea on what is going on?

Reply
0 Kudos
10 Replies
npadmani
Virtuoso
Virtuoso

please upload hostd.log file here.

location of this file in your ESXi host: /var/log

Narendra Padmani VCIX6-DCV | VCIX7-CMA | VCI | TOGAF 9 Certified
Reply
0 Kudos
VegardK
Contributor
Contributor

Here it is. I do not understand anything inside this file.

But again it failed. Was working fine before dinner, but after dinner i get the standard wrong password. resetting the management agents and I am able to log in again.

EDIT:

Short info of the system.

Asus Z8NA-D6 mainboard with 2 x Intel® 82574L

2 x Xenon X5670

48GB RDIMM memory

So don't see that anything should be wrong here, the network card shows as supported.

Reply
0 Kudos
npadmani
Virtuoso
Virtuoso

I can see following entries multiple times

2016-08-04T13:07:05.782Z info hostd[FFDC3AE0] [Originator@6876 sub=Vimsvc.ha-eventmgr] Event 105 : Remote access for ESXi local user account 'root' has been locked for 120 seconds after 12 failed login attempts.

since ESXi 6 has got a default root account remote access lockout policy which will lock the remote access to ESXi host after certain unsuccessful attempts. Is your host exposed to internet directly with SSH Shell turned on. If so, this could be one of the reason why Remote Access to root account is being locked.

Narendra Padmani VCIX6-DCV | VCIX7-CMA | VCI | TOGAF 9 Certified
Reply
0 Kudos
VegardK
Contributor
Contributor

Ok so this block go away then.

Can't see why there has been this many attempts. As its a new installation with only me accessing it. I was also trying to use Thinbackup which need SSL access, so maybe there is something there. The SSL port is opened to the internett, but it is behind a router on the network.

Reply
0 Kudos
VegardK
Contributor
Contributor

I do not get this. Just got to the computer to log in. and it now says I got the wrong password. There is no one that has tried logging in on this since yesterday.

You said something about the vmware being open to internet? So opening SSL ports etc is a bad thing or?

Will it help creating a new user that has root access?

Reply
0 Kudos
npadmani
Virtuoso
Virtuoso

let's do this.

go to ESXi DCUI,

disable SSH Shell, you will find this under Troubleshooting Options.

wait for about 2 or 3 minutes.

try to login into host using vSphere Client to see if logon is going through successfully.

Narendra Padmani VCIX6-DCV | VCIX7-CMA | VCI | TOGAF 9 Certified
Reply
0 Kudos
VegardK
Contributor
Contributor

Well i need SSH for Thinbackup to work. So is there another way around this?

Reply
0 Kudos
npadmani
Virtuoso
Virtuoso

another way is, try to configure ESXi firewall rule to accept connection on SSH Server (22) from only particular IP or range of IPs only.

do not leave it open to accept connection from all the IPs.

see following post, it will give you some step by step instructions about how to do it.

http://www.vladan.fr/esxi-firewall/

Narendra Padmani VCIX6-DCV | VCIX7-CMA | VCI | TOGAF 9 Certified
VegardK
Contributor
Contributor

That sounds like a good way. Do you know if I can use MAC instead of IP? Then when moving my laptop to other locations it will still be allowed to access.

Reply
0 Kudos
npadmani
Virtuoso
Virtuoso

no, MAC address cannot be used in ESXi firewall.

Narendra Padmani VCIX6-DCV | VCIX7-CMA | VCI | TOGAF 9 Certified
Reply
0 Kudos