cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1450
Views
0
Helpful
6
Replies

Fresh OVA Admin CLI Denied

BenStansfield
Level 1
Level 1

Hello all

 

Since moving to Collector-2.9.1-B-22, some new installations don't allow access to the CLI through admin. I have built a CSPC this morning and created an admin password, logged into the UI, set recovery details, and kicked off the scans. 

 

While doing the above I went to set the collectorlogin and root passwords, annoyingly the admin won't allow me to access so I have no CLI access. The appliance only has 1 password set at this stage. CLI prompt reports Access Denied.

 

 

1 Accepted Solution

Accepted Solutions

Hi,

 

Thank you for the update. It seems like the "admin" has no permission given under the file /etc/ssh/sshd.config to directly log into the CLI (putty).

 

Also, please confirm if you are able to log into the Console (Console of VM where you have deployed the CSPC) as "admin".

Hence we request you to first set the password to the "collectorlogin" and "root" using the Console of VM and then log in as "collectorlogin" and then if necessary further switch user (su) as "admin" or "root" in CLI (putty).

 

Once you successfully log into the admin via Console of VM, to set the password, kindly follow the commands which I have shared in the previous post that is:

# pwdreset collectorlogin 90
# pwdreset root 90


Also, you mentioned that the password that we set to the admin after deployment will be applied for both CLI and GUI. However, it will not be applied for both. You will have to set password to admin GUI and CLI separately.

If you are still having issue, we can have Webex session and you can confirm the details over the Private Message for the same.

 

Thanks and regards,

Madhusha R

View solution in original post

6 Replies 6

madhushr
Cisco Employee
Cisco Employee

Hi,

 

We are looking into the issue and we will get back to you with an update at the earliest.

 

Thanks and Regards,

Madhusha R

madhushr
Cisco Employee
Cisco Employee

Hi,

 

Could you please confirm if you have successfully set the admin password and if you are able to log into the CLI with admin password or not.

If yes, then you should be able to set the password via console for collectorlogin and root using the below commands:
# pwdreset collectorlogin 90
# pwdreset root 90

If you are not able to reset the password or log into admin, then kindly share the screenshot of the error that you get while trying to log into admin via Private Message.

 

Thanks and Regards,

Madhusha R

Hi Madhusha

 

This is a fresh installation, I loaded the OVA, applied an admin password through CentOS, and then the IP address details. Next logged into the 'admin' on the UI and configured the basic settings (certificate, NTP, credentials, discovery etc).

 

Then loaded Putty, connected to the collector, and entered username 'admin', when inputting the admin password the prompt returned as access denied (Just like it does if the password is incorrect). Unless there has been a major change from versions before 2.9 to 2.9, the way in which i understand it is as the below; 

 

Once you deploy a new collector you set an admin password, this applies for both the CLI and UI, once the UI password for admin has expired you have to follow the recovery questions and reset the password. At this point the passwords become two, one for UI and the other for CLI (ofcourse they can both be set to the same thing, but they also cannot). 

 

As this is a fresh installation and only a single 'admin' password has been set, I am struggling to see what has happened. Happy to send a screenshot over to you but its just as the below;

 

Login as: admin

Password: 

Access Denied

Password: 

Access Denied

Password: 

Access Denied

 

Terminal ends

Hi,

 

Thank you for the update. It seems like the "admin" has no permission given under the file /etc/ssh/sshd.config to directly log into the CLI (putty).

 

Also, please confirm if you are able to log into the Console (Console of VM where you have deployed the CSPC) as "admin".

Hence we request you to first set the password to the "collectorlogin" and "root" using the Console of VM and then log in as "collectorlogin" and then if necessary further switch user (su) as "admin" or "root" in CLI (putty).

 

Once you successfully log into the admin via Console of VM, to set the password, kindly follow the commands which I have shared in the previous post that is:

# pwdreset collectorlogin 90
# pwdreset root 90


Also, you mentioned that the password that we set to the admin after deployment will be applied for both CLI and GUI. However, it will not be applied for both. You will have to set password to admin GUI and CLI separately.

If you are still having issue, we can have Webex session and you can confirm the details over the Private Message for the same.

 

Thanks and regards,

Madhusha R

Hi Madhusha

Thank you for the update, I was able to reset both collectorlogin and root from the console within VMware. From there I then connected as root through Putty and ran passwd admin.

All sorted now, thanks for your support!

 

 

Hi,

 

Good to hear that the issue is resolved.

 

Thanks and Regards,

Madhusha R