When a non-admin user logs in to the NSX Advanced Load Balancer Linux CLI, the non-admin user can have admin-like privileges.
An SSH session to Linux CLI is available only for admin username. Even if a user is configured as a super-user, the user cannot log in to Linux CLI. Users other than admin, including super-users (whether local or remote), can only log in using cli@<Avi Controller IP> command.
If a non-admin user, even if it is configured as a super-user, tries to SSH to NSX Advanced Load Balancer Controller IP address, the system will return an Access Denied error, as shown below.
login as: testuser Avi Cloud Controller Avi Networks software, Copyright (C) 2013-2017 by Avi Networks, Inc. All rights reserved. Version: 17.1.8 Date: 2017-09-21 06:03:07 UTC Build: 9020 Management: 10.10.1.1/23 UP Gateway: 10.10.1.10 UP Esx and [email protected]'s password: Access denied [email protected]'s password: