I’ve run into this situation a couple of times now as a consultant – I go on site, we need to make some changes that require (or would at least benefit from) SSH or console access into an ESXi host, but the root password is unknown for any number of reasons – the old admin who set it left, we forgot, whatever. Rather than rebuild the host, here’s a neat trick with Host Profiles to reset the root password.
Since this is using Host Profiles, this assumes your ESXi host(s) are up, available in vCenter Server, and licensed with vSphere Enterprise Plus. This is only possible because the vpxa user on each ESXi host, added when the ESXi host is connected to vCenter Server, has root privileges.
Create the Host Profile
1. Right click any host in your inventory (it doesn’t matter which), choose Host Profile, then Create Profile from Host.
2. Name the Host Profile and give it a description. Click Next.
3. Click Finish to create the Host Profile.
Configure the Host Profile
1. Open Host Profiles.
2. Right-click the Host Profile and choose Edit Profile.
4. Right-click the Host Profile and choose Enable/Disable Profile Configuration.
5. Uncheck everything in the Host Profile configuration except the Security Configuration, click OK.
Apply the Host Profile to the ESXi Host (or vSphere Cluster)
1. Put the ESXi host in question into Maintenance Mode.
2. Right click any host in your inventory, choose Host Profile, then Manage Profile.
3. Choose the Password_Reset Host Profile, click OK.
4. Right click any host in your inventory, choose Host Profile, then Apply Profile.
5. Review the changes to be applied (the administrator password change should be the only one), click Finish.
Now, make sure you can log in with the new password. If the setting has been changed successfully, you should be able to log in with the new password immediately.