VMware Networking Community
Czernobog
Expert
Expert
‎04-23-2020 03:52 AM

NSX-T 2.5 Edge - root pw not set permanently after passwd reset

I need to do a password reset on a few NSX-T Edge Appliances. The Appliances were upgraded in the past from older 2.x versions.

I've used the standard reset procedure from the documentation: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.5/administration/GUID-8816B842-2EC4-40A8-A618-...

Resetting the Passwords of an Appliance

This does not seems to work correctly.

I'Ve reset both the root and admin account passwords.

I've logged in using admin and activated ssh. Then I've logged in again using admin and reset the password expiry for all acounts.

Logging in with root via ssh, using the newly set password, fails!

I redid the procedure for the root password only, after the reboot I still cannot log in with root using ssh, however I can using the VMRC (console).

While logged in via console, I did a passwd & sync, but this did not allow me to log in with ssh.

Note: what prompted me to do the change was, that in the upgrade process to 3.0 a few applainces had their /var/log folder run full. After resetting the root pw and logging in with root via console, I've cleared most of the folder and rebooted the appliance. This did not help with the login issue.

edit:

Solved! My dumb ass forgot to allow root to ssh login in the sshd config. I forgot this was not set in some of the older applainces.

Tags (1)
0 Kudos
1 Reply
RaymundoEC
VMware Employee
VMware Employee
‎05-03-2020 03:10 PM

I had a similar problem a long timer ago, I use this info from a GitHub issue on PKS combined with vmware docs:

  1. Login to nsxt manager prompt with username: admin password: UrPassword!
  2. Enter the command set user admin password TempPasswd1! you will be prompted to enter the current password - Notice on this - at this time the current password is still UrPassword! as the new password you entered when prompted at login does not permanently apply until you enter this command.
  3. Enter the command exit at the prompt to log out, and log back in again with username: admin password: TempPasswd1!
  4. Enter the command set user admin password UrPassword!, you will be prompted to enter your current password: TempPasswd1!
  5. Enter the command exit at the prompt to log out, and log back in again with username: admin password: UrPassword!
  6. Issue these commands as well set user admin password-expiration 9999 and clear user admin password-expiration  9999

hope this helps!

+vRay
0 Kudos