Log in to the
NSX Malware Prevention
Service Virtual Machine

By default, an
admin
user on the
NSX Malware Prevention
service virtual machine (SVM) does not have an SSH access to the SVM. The
VMware vCenter
administrator must activate SSH access to the SVM.
  1. The public key of the
    NSX Malware Prevention
    SVM must be specified during service deployment and the key must adhere to a specific format. For information about the public key format, see Prerequisites for Deploying NSX Distributed Malware Prevention Service.
  2. VMware vCenter
    administrator must activate SSH access to the
    NSX Malware Prevention
    SVM by completing these steps:
    1. Log in to
      vSphere Client
      .
    2. Go to
      Hosts and Clusters
      and navigate to the cluster.
    3. Select the VM (service virtual machine), and then click
      Launch Web Console
      .
    4. Log in to the SVM as a
      root
      user, and run the following command to start the SSH service:
      /etc/init.d/ssh start
      On the first login, you are prompted to reset the default password of the
      root
      user. The default password is
      vmware
      .
Now, you can log in to the SVM as an
admin
user and use the SVM private key to start an SSH session.
SSH access to the
admin
user of the SVM is key-based (public-private key pair). A public key is needed when you are deploying the service on an
ESXi
host cluster, and a private key is needed when you want to start an SSH session to the SVM.
Store the private key securely. Loss of the private key can lead to a loss of SSH access to the
NSX Malware Prevention
SVM.
  1. Ensure that the private key file is stored on your computer from where you want to start a remote SSH session to the SVM.
    For example, let us assume that you had generated an RSA public-private key pair before service deployment. The private key (
    id_rsa)
    is saved on your Windows computer at
    C:\Users\
    username
    \.ssh
    .
  2. On your Windows computer, open an SSH client and do these steps.
    1. Enter the IP address of the SVM management interface.
    2. Select the SVM private key file to use for authentication to the SVM.
      For example, if you are using the PuTTy client, navigate to
      Connection
      SSH
      Auth
      . In the
      Private key file for authentication
      text box, click
      Browse
      , and navigate to the
      C:\Users\
      username
      \.ssh\id_rsa
      on your Windows computer to select the private key file.
      If you are using any other SSH client, consult the documentation of your SSH client for steps about specifying the private key file.
    If you are using the Mac Terminal or any SSH Terminal, run the following command to start an SSH session by using the SVM private key:
    ssh -i
    path_to_private_key
    admin@
    svm-management-ip
    • Replace
      path_to_private_key
      with the actual path to the folder where the private key file is stored on your machine.
    • Replace
      svm-management-ip
      with the actual IP address of the SVM management interface.
After the debugging or troubleshooting tasks on the SVM are done, the
VMware vCenter
administrator must preferably deactivate SSH access to the
NSX Malware Prevention
SVM.