Accessing NSX appliances via SSH or CLI with non system local users such as AD users fails.


Article ID: 376064


Products

VMware NSX

Issue/Introduction

  • Attempting to access NSX appliances (NSX Managers or Edges) via CLI or SSH with non system generated local user accounts gives an access denied error or the session resets. This includes remote users such as AD users and added local users.
  • The authentication fails, and the following log entries are recorded in /var/log/auth.log on the NSX Manager/Edge:
    - pam_unix(sshd:auth): authentication failure;
    - Failed password for invalid user user <Username> from <source IP> port <source port> ssh2

Environment

VMware NSX

VMware NSX-T Data Center

Cause

Only the root, admin, and audit local user accounts are permitted to access NSX appliances via SSH and CLI.

Note: User-added local accounts or system-generated local accounts (guestuser1 and guestuser2) are not authorized to access the CLI.
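
A triage sketch for the auth.log entries above, added here as an example (not VMware's code): it separates failed SSH password attempts for accounts outside root, admin and audit, which match this cause, from failures for the three permitted accounts. The sample lines, hostname, usernames and addresses are constructed, and the syslog prefix on each line is an assumption.

```python
import re
from collections import Counter

# Accounts the article lists as permitted for SSH/CLI access.
PERMITTED = {"root", "admin", "audit"}

# sshd "Failed password" entry. The optional second "user " tolerates the
# doubled word in the log entry as quoted in the article.
FAILED = re.compile(
    r"Failed password for (?:invalid user )?(?:user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port \d+"
)

# Constructed sample lines (hostname, users and addresses are made up;
# the timestamp/host prefix is an assumed syslog layout).
SAMPLE = [
    "Jan 10 09:12:01 nsx-mgr-01 sshd[4121]: pam_unix(sshd:auth): authentication failure; rhost=192.0.2.10",
    "Jan 10 09:12:03 nsx-mgr-01 sshd[4121]: Failed password for invalid user user jdoe@corp.example from 192.0.2.10 port 50514 ssh2",
    "Jan 10 09:12:09 nsx-mgr-01 sshd[4121]: Failed password for invalid user jdoe@corp.example from 192.0.2.10 port 50514 ssh2",
    "Jan 10 09:15:40 nsx-mgr-01 sshd[4188]: Failed password for admin from 192.0.2.25 port 41822 ssh2",
    "Jan 10 09:16:02 nsx-mgr-01 sshd[4190]: Accepted password for admin from 192.0.2.25 port 41830 ssh2",
]

def classify(lines):
    """Count failed password attempts per (user, source), split by account type."""
    not_permitted, permitted = Counter(), Counter()
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue  # pam_unix, Accepted and unrelated lines are skipped
        key = (m["user"], m["src"])
        (permitted if m["user"] in PERMITTED else not_permitted)[key] += 1
    return not_permitted, permitted

def report(lines):
    """Return one summary line per (user, source) pair."""
    not_permitted, permitted = classify(lines)
    out = []
    for (user, src), n in sorted(not_permitted.items()):
        out.append(f"{user} from {src}: {n} failure(s), account not permitted for SSH/CLI")
    for (user, src), n in sorted(permitted.items()):
        out.append(f"{user} from {src}: {n} failure(s), permitted account, not this article's cause")
    return out

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```
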

Resolution

Use the local system user accounts (root, admin, and audit) to access NSX appliances directly via SSH and CLI (admin is recommended for administrative tasks).

Additional Information

The ability to add local users is only available in 4.1 onwards (Admin guide 4.1 - Adding local users).