When a non-admin user logs in to the NSX Advanced Load Balancer Linux CLI, the non-admin user can have admin-like privileges.

An SSH session to Linux CLI is available only for admin username. Even if a user is configured as a super-user, the user cannot log in to Linux CLI. Users other than admin, including super-users (whether local or remote), can only log in using cli@<Avi Controller IP> command.

If a non-admin user, even if it is configured as a super-user, tries to SSH to NSX Advanced Load Balancer Controller IP address, the system will return an Access Denied error, as shown below.

login as: testuser
Avi Cloud Controller
Avi Networks software, Copyright (C) 2013-2017 by Avi Networks, Inc.
All rights reserved.
Version: 17.1.8
Date: 2017-09-21 06:03:07 UTC
Build: 9020
Management: 10.10.1.1/23 UP
Gateway: 10.10.1.10 UP
Esx and [email protected]'s password:
Access denied
[email protected]'s password: