Login to Aria Operations node via SSH/Web console using root fails with "Login Incorrect" error
search cancel

Login to Aria Operations node via SSH/Web console using root fails with "Login Incorrect" error

book

Article ID: 390292

calendar_today

Updated On: 07-02-2025

Products

VMware Aria Operations (formerly vRealize Operations) 8.x

Issue/Introduction

  • When attempting to log in to an Aria Operations node via SSH or the web console using root, the system returns a "Login incorrect" error without prompting for a password.
  • This issue prevents administrators from accessing the node for troubleshooting or configuration purposes.

Environment

Aria Operations 8.18.x

Cause

This issue is typically caused by corruption in the /etc/pam.d/system-auth file. Two common causes for this corruption are:

  • STIG Compliance Update Issue: During an upgrade, the STIG (Security Technical Implementation Guide) rules, which are designed to ensure system security, may have failed to update the system-auth file on the affected node. This usually happens when the STIG update cannot find or match certain patterns in the file, leading to the corruption.
  • Manual Modifications: The system-auth file may have been manually modified on the affected node, which could lead to incorrect configuration and the login issue.

Resolution

To resolve this issue, follow these steps:

1. Copy the Correct system-auth File:

    • Login to the affected node in grub mode.
    • Copy the contents of the /etc/pam.d/system-auth file from a functioning Aria Operations node to the affected node.
    • Ensure that the contents of the file are updated as follows:

# Begin /etc/pam.d/system-auth

auth required pam_faillock.so preauth

auth required pam_unix.so nullok no_pass_expiry

auth required pam_faillock.so authfail

auth optional pam_faildelay.so delay=4000000

 

2. Reset the Root Password:

Additional Information

  • After applying the correct system-auth file, the issue should be resolved, and you should be able to log in to the node via SSH or the web console.
  • It is recommended to validate the configuration and ensure there are no further file corruptions following system updates or manual changes.