SSH randomly inaccessible with root account on vCenter Server
search cancel

SSH randomly inaccessible with root account on vCenter Server

book

Article ID: 429206

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • After updating vCenter Server to version 8.0 U2 or above, entering a bad password at ssh login locks the account for 5 minutes (by default).
  • The default shell for root account is "/bin/appliancesh"

To check the default shell for root account

#grep root /etc/passwd
root:x:0:0:root:/root:/bin/appliancesh

Environment

  • vCenter Server 8.0 U2 and above 

Cause

  • Starting from 8.0 U2, the unlock policy in vCenter Server changed from pam_tally2 to faillock.
  • With this change, if the default shell for user root is "/bin/appliancesh" , entering a bad password for root account locks the account for 5 minutes.

 

Resolution

As a workaround, use the procedure below:

  • Switch to default shell /bin/bash

#chsh -s /bin/bash root

  • Verify the default shell

#grep root /etc/passwdroot
root:x:0:0:root:/root:/bin/bash

 

Powered by Wolken Software