• Prior to NSX-T 3.2.0, SSH root access can only be configured during the NSX manager deployment.
• Starting with NSX-T 3.2.0 and above, root SSH access can be configured/modified after deployment using the Admin CLI.

• Login to the NSX manager as user admin and follow through the steps below.
• To get the SSH service status of NSX manager

> get service ssh
Service name:      ssh
Service state:     running
Start on boot:     True
Root login:        disabled

Note: If SSH service is not running, PUTTY/SSH of NSX manager won't connect. In that case, login to the vCenter server web interface where the NSX manager is present and directly access the console of NSX manager. Login as user admin and run the command start service ssh 

Re-run the command get service ssh to ensure service state shows as running. You can now open the PUTTY/SSH and connect to the NSX manager command line interface.

• To enable root SSH login of NSX manager, login to the NSX manager as user admin and run the command below. This is used to connect to the putty/ssh of the NSX manager directly as root.
  
  > set ssh root-login

> get service ssh
Service name:      ssh
Service state:     running
Start on boot:     True
Root login:        enabled
  
  
• To disable the direct root SSH, login to the NSX manager as user admin and run the commands below.

     > clear ssh root-login

     > get service ssh
     Service name:      ssh
     Service state:     running
     Start on boot:     True
     Root login:        disabled

• To login to the root user via admin cli, login to the NSX manager as user admin and run the command below. 

     > st en
     Password:

• Provide the root user password of NSX manager to proceed with the login