SSH root access for NSX-T appliance fails with "Access Denied"
Article ID: 375479
Updated On:
Products
VMware NSX
Issue/Introduction
- SSH access with root login was not enabled at NSX-T appliance deployment time.
- Attempts to SSH login with the root user fails with an "Access Denied" error.
- SCP or SFTP will also fail with root login and files cannot be transferred.
- As the admin user, executing:
get service sshshows "root login" enabled and the SSH "service state" as running.
Environment
- VMware NSX-T Data Center 3.x
- VMware NSX
Cause
Although SSH was enabled, the root user is not allowed to login via SSH. PermitRootLogin is commented out in the /etc/ssh/sshd_config file on the affected NSX appliance, as in the following screenshot:
Resolution
- Log in to the NSX-T manager console as root
- Edit SSH config file:
- Open the file for editing by executing:
vi /etc/ssh/sshd_config
- Open the file for editing by executing:
- Modify the configuration:
- Locate the line: "#PermitRootLogin prohibit-password"
- Replace the line with: "PermitRootLogin yes"
- Restart the SSH service:
- Execute the command:
/etc/init.d/ssh restart
- Execute the command:
Note: If root login still fails you may need to enable root login after restarting SSH
- As the admin user, execute:
set ssh root-login
Note:
PermitRootLogin prohibit-password may not be commented out in some cases, but will require the same workaround above to allow root SSH login.
Feedback
Yes
No
Powered by
