VMware ESXi 5.5 : cannot login after password changed

114

Solution 1

OK the problem is a bug in VMWare ESXi 5.5 : If you change a password to something longer than 30 characters it will not complain but your password will be changed anyway to only the first 30 chars of the provided password ! To be able to login again, you have to use the first 30 chars of your password.

Solution 2

Possibly related. In esxi 6, changing the root password in the Vsphere client did not seem to properly take effect. I could no longer log into vsphere, but could still log into the machine console with the old password. Restarting all the management agents seemed to bring everything into line again.

114

Sebastian Olsen

Updated on September 18, 2022

Comments

Sebastian Olsen over 1 year
My state management system in an old project uses MobX. Recently I wanted to make it work with SSR (as I have had success with that in newer projects).

The idea was to have a store manager that manages all the stores, which the stores can also access to be able to read and modify other stores. This works fine with JavaScript, but TypeScript makes it a problem.

I have managed to isolate the problem into a reproductible example. You can run this in the TypeScript playground to see the issue.
```
/**
 * The manager holds all the stores in the application
 */
class StoreManager<T extends Record<string, InitializableStore>> {
  public stores: T = {} as any

  constructor(
    public instantiators: { [K in keyof T]: (manager: any) => T[K] },
  ) {
    for (const [name, creator] of Object.entries(instantiators)) {
      this.stores[name as keyof T] = creator(this)
    }
  }

  public async init() {
    console.info("Initializing stores")
    await Promise.all(Object.values(this.stores).map((x) => x.init()))
  }
}

export type Manager = StoreManager<Stores>

/** 
 * This class represents a store which should have access to the manager
 */

class InitializableStore {
  constructor(protected manager: Manager) {}

  public init(): void | Promise<void> {}
}


/** 
 * Helper function for creating a store factory
 */
const createStoreFactory = <S extends InitializableStore>(
  storeClass: new (manager: Manager) => S,
) => (manager: Manager) => new storeClass(manager)


/**
 * Example store set up
 */

class StoreA extends InitializableStore {
  public init() {}

  public meow() {
    console.log("Meow")
  }
}

class StoreB extends InitializableStore {
  public init() {
    const { storeA } = this.manager.stores
    storeA.meow()
  }

  public woof() {
    console.log("Woof!")
  }
}

const storeA = createStoreFactory(StoreA)
const storeB = createStoreFactory(StoreB)

/**
 * Defining the stores for the manager here
 * */
const stores = { storeA, storeB }

export type StoreMapReturn<
  T extends Record<string, (manager: Manager) => InitializableStore>
> = {
  [K in keyof T]: ReturnType<T[K]>
}

/**
 * This errors, because there's a circular reference
 */
export type Stores = StoreMapReturn<typeof stores>
```
Since the stores need to have access to the manager, the types are super complex and don't actually work because there's a circular reference. In a perfect situation, it would work like this:
- The manager can be accessed in any store
- The manager is not a global object imported from a file (so it can be created on the fly and is fully encapsulated)
- The stores are fully typesafe when accessed from the manager
- 0xSheepdog almost 10 years
  
  Have you tried logging in with the old password? I haven't used ESXi in awhile, but I do recall a situation where one system (not ESXi) required a reboot for root password changes to take affect. Maybe the same here? shrug Not sure, but easy to test.
- db_ch almost 10 years
  
  I get invalid login or password message when tring to log in with "VMware vSphere Client". Previous password was default password (empty), it doesn't work either.
- db_ch almost 10 years
  
  My password is 32 characters long, is it maybe too long ?
- Chris almost 10 years
  
  This KB explains password policies, and you should try to log in directly in ESXi shell to see if you get the same problem.
- db_ch almost 10 years
  
  Woaw! What a HUGE bug I found in VMWare ESXi !!! If you enter a password longer than 30 characters it will not complain but your password will be changed to only the first 30 chars of the provided password !!!
- Chris almost 10 years
  
  It sounds strange because the KB article I linked in my previous comment states that the password can be 40 characters long.
- db_ch almost 10 years
  
  @ChristopheC: yes, strange, mine was clearly limited to 30.
- Build Succeeded over 4 years
  
  Add language tags to question to get attention
- Sebastian Olsen over 4 years
  
  @Mannoj TypeScript is literally the first tag...
Overmind over 4 years

What you encountered was a special protection. After 3 retries there's a timeout, which increases with each try after that. Simply letting it like that and using the correct password after some time will work.