• Any user with `shell=/bin/appliancesh` ssh to the vc the password is prompted twice
• VC configured with 3rd party PAM authentication(Ex:CyberArk,Arcon etc)  might also prompt for password.
• Journalctl (journalctl -b -0 | less) logs reports below errors:

Mar xx xx:xx:xx VC_FQDN snmpd[2175]: P3 13771: init_partition_mounts: read /proc/mounts failed, hrPartitionFSIndex offline, will report 0
Mar xx xx:xx:xx VC_FQDN vpxd[11582]: Event [941831] [1-1] [2025-03-17T11:17:17.211488Z] [vim.event.UserLogoutSessionEvent] [info] [VSPHERE.LOCAL\Administrator] [] [941831] [User VSPHERE.LOCAL\Admin
[email protected] logged out (login time: Monday, 17 March, 2025 10:46:58 AM, number of API invocations: 3, user agent: vAPI/2.100.0 Java/1.8.0_412 (Linux; 5.10.219-3.ph4; amd64))]
Mar xx xx:xx:xx VC_FQDN cli[3245764]: vmware.vherd.linux_cli.cli Error getting authentication cookie from applmgmt service. Verify that the applmgmt service is running and that the method requested
 to obtain the cookie requires authentication.
Mar xx xx:xx:xx VC_FQDN sshd[3245726]: pam_mgmt_cli(sshd:auth): auth script returned error (251): Error getting authentication cookie from applmgmt service.
Mar xx xx:xx:xx VC_FQDN CROND[3246107]: (root) CMD (. /usr/lib/applmgmt/backup_restore/scripts/backup-restore-cron-loader.sh ; /usr/lib/applmgmt/monitoring/scripts/alarm_cron.py >>/var/log/vmware/a
pplmgmt/alarm_cron.log 2>&1)

• Log file /var/log/vmware/applmgmt/applmgmt.log will show similar entries to: 

xxxx-xx-xxTxx:xx:xx PM IST [24090]DEBUG:vmware.vherd.transport.authentication:No cookie in request
xxxx-xx-xxTxx:xx:xx PM IST [24090]DEBUG:vmware.vherd.transport.authentication:Verifying credentials against Linux PAM of user: XXXXXXX302
xxxx-xx-xxTxx:xx:xx PM IST [24090]DEBUG:vmware.vherd.transport.authentication:faillock.get b'Login           Failures    Latest failure      From\USER_NAME          3       2025-03-17 14:55:48    passwd\n'

• Log file /var/log/vmware/messages will show similar entries to:

xxxx-xx-xxTxx:xx:xx.xxxxxx+xx:xx VC_FQDN snmpd[2175] P3 13771: init_partition_mounts: read /proc/mounts failed, hrPartitionFSIndex offline, will report 0
xxxx-xx-xxTxx:xx:xx.xxxxx+xx:xx VC_FQDN cli: vmware.vherd.linux_cli.cli Error getting authentication cookie from applmgmt service. Verify that the applmgmt service is running and that the method requested to obtain the cookie requires authentication.
xxxx-xx-xxTxx:xx:xx.xxxxxx+xx:xx VC_FQDN sshd[3245726] pam_mgmt_cli(sshd:auth): auth script returned error (251): Error getting authentication cookie from applmgmt service.

vCenter Server 8.0.3

The double password prompt during SSH login is caused by vCenter sudo privilege escalation configuration.

• Take a online snapshot of vCenter ( If the vCenter are in ELM-Offline snapshots is Mandatory Ref:VMware vCenter in Enhanced Linked Mode pre-changes snapshot (online or offline) best practice)
  SSH to the vCenter with root user
• Open the file /usr/lib/applmgmt/base/py/vmware/vherd/base/utils.py using vi
• Change the below line
   
    proc = subprocess.Popen(['sudo', support_script],
 stdout=subprocess.PIPE, stderr=subprocess.PIPE)

         to 

           proc = subprocess.Popen(['sudo', '/bin/sudo_py_vmw_path_pp_wrapper.sh', support_script],
     stdout=subprocess.PIPE, stderr=subprocess.PIPE)

Note: Please retain the original indentation

• Restart the appliance management service executing command: service-control --restart applmgmt