Currently there is no resolution. VMware engineering is aware of the issue and is working on a fix.
Please subscribe to this article for being informed as soon as a fix has been made publicly available
Workaround:
To work around this issue, you can use the following steps:
- Edit the host profile and add a backslash (\) iin front of each of the 2 double quotes, so they are properly being escaped, so in Security and Services > Security Settings > Security > User Configuration > root instead of:
from="1.2.3.4" ssh-rsa <hash>
use:
from=\"1.2.3.4\" ssh-rsa <hash>
- Remediate the host(s) against the host profile.
At this stage, the entry for the key string in /etc/ssh/keys-root/authorized_keys now has the correct format, and keybased SSH authentication can be used. However, the host will be non-compliant to the host profile.
To make it compliant, please continue:
- Edit the host profile again, and remove the 2 backslash characters (/) that were added in step 1, back from:
from=\"1.2.3.4\" ssh-rsa <hash>
to:
from="1.2.3.4" ssh-rsa <hash>
- Do another compliance scan of the host against the profile. Now it is compliant.