VMware Skyline Collector Password Recovery (KB52652)

After configuring few instances of VMware Skyline I found I am no longer able to login through ssh root or on web portal through admin, the default password was not working. Another thing was whenever logging through SSH tool I was getting root is locked up. For this skyline has simple and nice knowledge based article Since I was facing recurring issue, I thought of adding few screenshot and write detailed blog about it. 

Reset root password on VMWare PHOTON OS

The first step I will perform is resetting root password on VMware Skyline Collector appliance, Skyline collector uses VMware photon OS. (The same step for resetting root password will also work on other VMware product where Photon OS is used in the appliance for example VCSA (VMware vCenter Server Appliance)). 

Restart appliance from vCenter server (Open web remote console before restart) and when you see the below Photon OS boot screen press e on the keyboard.

VMware vsphere esxi Photon os skyline collector reset password Skyline Collector Password Recovery (52652) root admin password.png

On the GNU GRUB screen type rw init=/bin/bash after $systemd_cmdline and Press Ctrl-x or F10 to boot to command prompt.

Skyline Collector Password Recovery (52652) Vmware Photon os rw init bin bash vcenter vsphere esxi recover reset root ssh password photon_initrd root partition.png

Once system is loaded on the linux command prompt type passwd to reset root password, type new password twice to confirm. Next unlock root password if it is locked, you can check the status and unlock it with pam_tally command, if it is a recurring issue you will get to know from which ip root account is getting locked up.

/sbin/pam_tally2 --user root
/sbin/pam_tally2 --user root --reset
/sbin/pam_tally2 --user root
reboot -f

Reboot the server in the last.

Skyline Collector Password Recovery (52652) VMware vsphere esxi vcenter passwd pam_tally2 --user root --reset reboot -f admin password reset new password latest failure from ip login root.png

Reset Admin password Skyline Controller Web Portal

To reset web portal Admin password of Skyline controller you will require to open remote console and Login with root account.

VMware SKyline appliance controller recover admin web portal password skyline password recovery root kb vsphere vcenter esxi.png

Provide root account password, change directory to /usr/local/skyline/ccf/config/generated/ locate credentials.json, this file contains Admin password hash. Change the file name of credentials.json to credentials.json.old. and restart server with reboot -f. (File is regenerated upon reboot with "default" password)

cd /usr/local/skyline/ccf/config/generated/
mv credentials.json credentials.json.old
reboot -f

After reboot, open Skyline Collector web portal and use new Admin password "default", once authentication succeeded it asks for resetting new password.

Skyline Collector Password Recovery (52652) VMware vsphere esxi vcenter passwd pam_tally2 reboot -f admin default password reset cd usr local skyline ccf config generated credentials.json.old.png

PermitRootLogin ssh

In the last I suspect because by default ssh root login is set to no inside /etc/ssh/sshd_config, this may be the cause of locking out of root user. To give permissions to root to ssh use below commands. restart sshd service and Log to skyline collector from ssh with root.

ls /etc/ssh
vi /etc/ssh/sshd_config 
#change or add line PermitRootLogin yes
systemctl restart sshd

Skyline Collector Password Recovery (52652) vmware vsphere vcenter esxi permitrootlogin  sshd_config etc ssh ssh_host_dsa_key.png

