Leapswitch Networks Pvt. Ltd.
How to Unlock and Secure Root Account-VMware Esxi
You Need to Make Sure SSH is enabled.
How to enable SSH in VMware Esxi?
-
At the console press CTRL+ALT+F2 to get to the ESXi shell. If a login shows up, continue with step 3, otherwise continue with step 2.
-
Login to the DCUI (to enable the ESXi Shell if not already done)
-
Login with root and the correct password.
-
Go to Troubleshooting Options
-
Select Enable ESXi Shell
-
Press CTRL+ALT+F1
-
At the ESXi shell login with root and the password
-
Run the following commands to show number of failed attempts:
pam_tally2 --user root
Run the following command to unlock the root account:
pam_tally2 --user root --reset
To secure access to SSH:
1. Login to VMware ESXI in browser > Networking > Firewall Rules > search for Name: SSH Server > Edit Settings > Disable “All Connections from all IP addresses” and Enable “Only allow connections from the following networks”
And add customers static IP, Fixed VPN IP
To secure access vSphere Web Access:
1. Login to VMware ESXI in browser > Networking > Firewall Rules > search for Name: vSphere Web Access > Edit Settings > Disable “All Connections from all IP addresses” and Enable “Only allow connections from the following networks”
And add customers static IP, Fixed VPN IP
To secure Vsphere Web Client:
1. Login to VMware ESXI in browser > Networking > Firewall Rules > search for Name: vSphere Web Client > Edit Settings > Disable “All Connections from all IP addresses” and Enable “Only allow connections from the following networks”
And add customers static IP, Fixed VPN IP
Document Created By:
Swapnil Aher: 15/08/2023