Log in to the NSX Malware Prevention Service Virtual Machine
NSX Malware Prevention
Service Virtual MachineBy default, an
admin
user on the NSX Malware Prevention
service virtual machine (SVM) does not have an SSH
access to the SVM. The VMware vCenter
administrator must activate SSH access to the SVM.- The public key of theNSX Malware PreventionSVM must be specified during service deployment and the key must adhere to a specific format. For information about the public key format, see Prerequisites for Deploying NSX Distributed Malware Prevention Service.
- VMware vCenteradministrator must activate SSH access to theNSX Malware PreventionSVM by completing these steps:
- Log in tovSphere Client.
- Go toHosts and Clustersand navigate to the cluster.
- Select the VM (service virtual machine), and then clickLaunch Web Console.
- Log in to the SVM as arootuser, and run the following command to start the SSH service:/etc/init.d/ssh startOn the first login, you are prompted to reset the default password of therootuser. The default password isvmware.
Now, you can log in to the SVM as an
admin
user and use the SVM private key to start an SSH
session.SSH access to the
admin
user of the SVM is key-based (public-private key pair). A public key is needed when you are
deploying the service on an ESXi
host cluster,
and a private key is needed when you want to start an SSH session to the SVM.Store the private key
securely. Loss of the private key can lead to a loss of SSH access to the
NSX Malware Prevention
SVM.- Ensure that the private key file is stored on your computer from where you want to start a remote SSH session to the SVM.For example, let us assume that you had generated an RSA public-private key pair before service deployment. The private key (id_rsa)is saved on your Windows computer atC:\Users\.username\.ssh
- On your Windows computer, open an SSH client and do these steps.
- Enter the IP address of the SVM management interface.
- Select the SVM private key file to use for authentication to the SVM.For example, if you are using the PuTTy client, navigate toAuth. In thePrivate key file for authenticationtext box, clickBrowse, and navigate to theC:\Users\on your Windows computer to select the private key file.username\.ssh\id_rsaIf you are using any other SSH client, consult the documentation of your SSH client for steps about specifying the private key file.
If you are using the Mac Terminal or any SSH Terminal, run the following command to start an SSH session by using the SVM private key:ssh -ipath_to_private_keyadmin@svm-management-ip- Replacepath_to_private_keywith the actual path to the folder where the private key file is stored on your machine.
- Replacesvm-management-ipwith the actual IP address of the SVM management interface.
After the debugging or troubleshooting tasks on the SVM are done, the
VMware vCenter
administrator must
preferably deactivate SSH access to the NSX Malware Prevention
SVM.