Local users are unable to access local or remote Tech Support mode on ESXi 4.1
Article ID: 307374
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
Symptoms:
- Remote Tech Support mode has been enabled on the ESXi 4.1 host as per the procedure in Using Tech Support Mode in ESXi 4.1 (1017910) .
- On ESXi 4.1, a local user account is created and granted the Administrator role as per Local users created on ESX and ESXi systems cannot log in (1024235).
- Using SSH to access the ESXi 4.1 host with the root account works as expected
- Using SSH to access the ESXi 4.1 host with the local account results in the message Access Denied
- You see entries similar to these in the /var/log/messages file on the ESXi host:
Oct 7 15:55:34 dropbear[208994]: user 'someuser' has invalid shell, rejected
Oct 7 15:57:50 dropbear[209283]: exit after auth (someuser): error changing directory
Oct 7 15:57:50 dropbear[209283]: exit after auth (someuser): error changing directory
Environment
VMware ESXi 4.1.x Installable
VMware ESXi 4.1.x Embedded
VMware ESXi 4.1.x Embedded
Resolution
When local users are created via the vSphere client on ESXi 4.1 hosts, the shell value is set to /sbin/nologin shell that prevents login and the home directory is set to a non existant /home/<username> directory this prevents successful logins by local users.
To resolve this issue, create the home directory and change the shell values:
- Access the ESXi 4.1 host via Tech Support mode (local or remote) as the root user.
- Issue these commands to set the shell to /bin/ash and to create the home directory (replace <username> with the username to be modified).
usermod -s /bin/ash <username>
mkdir -p /home/<username>
chown <username> /home/<username>
Note: To make these changes persistent across reboots, consider setting the user's home directory to a folder residing on a local VMFS volume.
mkdir -p /home/<username>
chown <username> /home/<username>
Note: To make these changes persistent across reboots, consider setting the user's home directory to a folder residing on a local VMFS volume.
Additional Information
On an ESXi 4.1 system, the /home directory does not exist by default. Using the -p switch to the mkdir command creates the /home directory as well as the user directory beneath it.
To use a home directory different from the default if /home is not a desirable location.
- Access the ESXi 4.1 host via Tech Support mode (local or remote) as the root user.
- Use a text editor (vi) to edit the /etc/passwd file. Find the line beginning with the username that needs to be modified. Change the /home/<username</SPAN>> entry to the desired home directory.
- Run these commands to create the new home directory (replacing <username> with the username to be modified and <homedir> to the desired home directory).
mkdir -p <homedir>
chown <username> <homedir>
Using Tech Support Mode in ESXi 4.1, ESXi 5.x, and ESXi 6.xchown <username> <homedir>
Local or Active Directory Domain users on ESX and ESXi 4.1 systems cannot log in
Feedback
Yes
No
Powered by
