After ESXi 6.5 setup is complete, password complexity requirements are enforced for users, esp. root. To change root password to a simple non-complex password by disabling password complexity requirements temporarily use following steps:
- SSH to host
- vi /etc/pam.d/passwd
- Comment first (requisite) and second (sufficient) lines
- Copy sufficient line and remove use_auth_ok. Leave this edited line uncommented
- Save and exit vim
- Change password using passwd command to desired simple (non-complex) password
- Again vi /etc/pam.d/passwd and make it same as before
cat /etc/pam.d/passwd
#%PAM-1.0
# Change only through host advanced option "Security.PasswordQualityControl".
#password requisite /lib/security/$ISA/pam_passwdqc.so retry=3 min=disabled,disabled,disabled,7,7
#password sufficient /lib/security/$ISA/pam_unix.so use_authtok nullok shadow sha512
password sufficient /lib/security/$ISA/pam_unix.so nullok shadow sha512
password required /lib/security/$ISA/pam_deny.so