Unable to login with root credential in ESXI UI and putty.
search cancel

Unable to login with root credential in ESXI UI and putty.

book

Article ID: 403915

calendar_today

Updated On:

Products

VMware vSphere ESXi VMware vSphere ESXi 8.0

Issue/Introduction

Error :


"No supported authentication methods available (server sent: publickey,keyboard-interactive")

 

Hostd.log :

 

YYYY-MM-DDT Wa(164) Hostd[2099116]: [Originator@6876 sub=Vimsvc opID=esxui-ebcd-cded sid=52757f28] Refresh function is not configured.User data can't be added to scheduler.User name: root

YYYY-MM-DDT In(166) Hostd[2099116]: [Originator@6876 sub=Vimsvc.ha-eventmgr opID=esxui-ebcd-cded sid=52757f28] Event 1646 : Cannot login user root@#.#.#.#: no permission

YYYY-MM-DDT10:49:26.660Z In(166) Hostd[2099144]: [Originator@6876 sub=Solo.Vmomi] Activation finished; <<52757f28-87e9-e6c6-b0f2-769c271c9b47, <TCP '127.0.0.1 : 8307'>, <TCP '127.0.0.1 : 56076'>>, ha-sessionmgr, vim.SessionManager.login, <vim.version.v8_0_3_0, official, 8.0.3.0>, [N11HostdCommon18VmomiAdapterServer19ActivationResponderE:0x000000ff27e89718]>

YYYY-MM-DDT Db(167) Hostd[2099144]: [Originator@6876 sub=Solo.Vmomi] Arg userName: YYYY-MM-DDT Hostd[2099101]: --> "root" YYYY-MM-DDT Db(167) Hostd[2099144]: [Originator@6876 sub=Solo.Vmomi] Arg password:

YYYY-MM-DDT Hostd[2099101]: --> (not shown) YYYY-MM-DDT Hostd[2099101]: --> YYYY-MM-DDT Db(167) Hostd[2099144]: [Originator@6876 sub=Solo.Vmomi] Arg locale:

YYYY-MM-DDT Db(167) Hostd[2099101]: --> "en-US" YYYY-MM-DDT10:49:26.661Z In(166) Hostd[2099144]: [Originator@6876 sub=Solo.Vmomi] Throw vim.fault.NoPermission YYYY-MM-DDTIn(166) Hostd[2099144]: [Originator@6876 sub=Solo.Vmomi] Result: YYYY-MM-DDTIn(166) Hostd[2099101]: --> (vim.fault.NoPermission) { YYYY-MM-DDT In(166) Hostd[2099101]: --> object = 'vim.Folder:ha-folder-root', YYYY-MM-DDTIn(166) Hostd[2099101]: --> privilegeId = "System.View", YYYY-MM-DDTIn(166) Hostd[2099101]: --> msg = "", YYYY-MM-DDT In(166) Hostd[2099101]: --> }

 

Vobd.log :

 

YYYY-MM-DDT In(14) vobd[2097716]:  [UserLevelCorrelator] 9071185154548us: [vob.user.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.
YYYY-MM-DDT In(14) vobd[2097716]:  [GenericCorrelator] 9071185154548us: [vob.user.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.
YYYY-MM-DDT In(14) vobd[2097716]:  [UserLevelCorrelator] 9071185155265us: [esx.audit.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.
YYYY-MM-DDT In(14) vobd[2097716]:  [UserLevelCorrelator] 9071215764889us: [vob.user.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.
YYYY-MM-DDT In(14) vobd[2097716]:  [GenericCorrelator] 9071215764889us: [vob.user.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.
YYYY-MM-DDT In(14) vobd[2097716]:  [UserLevelCorrelator] 9071215765613us: [esx.audit.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.
YYYY-MM-DDT In(14) vobd[2097716]:  [GenericCorrelator] 9071273423250us: [vob.user.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.
YYYY-MM-DDT In(14) vobd[2097716]:  [UserLevelCorrelator] 9071273423250us: [vob.user.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.
YYYY-MM-DDT In(14) vobd[2097716]:  [UserLevelCorrelator] 9071273424506us: [esx.audit.ssh.session.failed] SSH login has failed for 'root@#.#.#.#'.

 

Environment

VMware vSphere ESX 7.x

VMware vSphere ESX 8.x

Cause

Root user is being denied access due to missing the System.View privilege on the object vim.Folder:ha-folder-root. This is a classic case of a vim.fault.NoPermission error, which occurs when a user authenticates successfully but lacks the necessary authorization to perform even basic operations like viewing inventory.

If Lockdown mode is enabled then it prevents to access or login ESXI with root credential.

Resolution

When the host is running, available services depend on whether lockdown mode is activated, and on the type of lockdown mode.

In strict and normal lockdown mode, privileged users can access the host through vCenter Server, from the vSphere Client, or by using the vSphere Web Services SDK.

Direct Console Interface behavior differs for strict lockdown mode and normal lockdown mode.

In strict lockdown mode, the Direct Console User Interface (DCUI) service is deactivated.

In normal lockdown mode, accounts on the Exception User list can access the DCUI if they have administrator privileges. In addition, all users who are specified in the DCUI.Access advanced system setting can access the DCUI.

If the ESXi Shell or SSH is activated and the host is placed in lockdown mode, accounts on the Exception Users list who have administrator privileges can use these services. For all other users, ESXi Shell or SSH access is deactivated. ESXi or SSH sessions for users who do not have administrator privileges are closed.

Need to Disable the Lockdown mode.

 

Additional Information

Powered by Wolken Software