You can SSH to a Tanzu Kubernetes cluster node as the vmware-system-user using a password.

You can connect to a cluster node as the vmware-system-user user with a password. The password is stored as a secret named CLUSTER-NAME-ssh-password. The password is base64 encoded in .data.ssh-passwordkey. You can provide the password over an SSH session. For more information about this secret, see Tanzu Kubernetes Cluster Secrets.

Note: These instructions assume that you are using a Linux host.


  1. Connect to the Supervisor Cluster.
  2. Switch context to the Supervisor Namespace where the Tanzu Kubernetes cluster is provisioned.
    kubectl config use-context NAMESPACE
  3. Get the IP address of the target cluster node.
    kubectl get virtualmachines
  4. View the CLUSTER-NAME-ssh-password secret.
    kubectl get secrets
  5. Get the password for the target cluster.
    kubectl get secrets CLUSTER-NAME-ssh-password -o yaml | grep ssh-passwordkey
  6. Generate the password.
    echo <ssh-passwordkey_base64_data> | base64 --decode
  7. SSH to the target cluster node as the vmware-system-user.
    ssh vmware-system-user@CLUSTER-NODE-IP-ADDRESS
  8. Enter the password generated in the previous step.