VMware ESXi / vCenter Server
VMware / BroadcomCI/CD5 credentials
ESXi Root Password
vmware-vsphere / esxi-root-password
ESXi hosts use a local root account for direct host administration. The root password is set during installation or deployment and is governed by ESXi password complexity and account lockout policy.
Location
ESXi Host Client, DCUI, SSH, ESXi Shell, and API/etc/shadow on ESXi host backups and host profiles where applicable
password managers, Auto Deploy/host profile secrets, and deployment vaults
Kickstart scripts, Terraform/Ansible inventories, and lab automation
installer logs, host connection errors, and automation traces
Notes
There is no universal ESXi root password; it is chosen during installation, scripted deployment, or image provisioning.
vCenter Single Sign-On Administrator Password
vmware-vsphere / vcenter-sso-administrator
vCenter Server creates a Single Sign-On domain during installation. The administrator account, commonly [email protected], has vCenter SSO administrative privileges and its password is set during deployment.
Location
vSphere Client, vCenter API, and SSO endpointsvCenter identity/SSO stores and appliance configuration state
VCSA deployment JSON, installer answer files, and backup/restore configuration
password managers and deployment vaults
VCSA unattended install templates and lab automation
installer logs, SSO setup logs, and API client traces
vCenter API Session Token
vmware-vsphere / vcenter-session-token
vCenter REST and SOAP clients obtain session tokens/cookies for API access. Leaked sessions can allow operations as the authenticated user until expiration or revocation.
Location
vmware-api-session-idvCenter REST API session identifier header
CookieSOAP/VI SDK session cookie such as vmware_soap_session
API client debug logs, HTTP traces, and CI output
CLI caches and automation client state
Host, vCenter, and Integration Secrets
vmware-vsphere / host-vcenter-integration-secrets
vSphere environments store credentials for ESXi host connections, vCenter extensions, backup products, vpxuser host management, and external identity/LDAP integrations.
Location
vCenter Server database and SSO/solution user stores
VCSA configuration files, extension registrations, backup configs, and identity source settings
solution user certificates, key stores, and password vaults
automation manifests and integration test configs
vpxd, SSO, LDAP, backup, and extension logs when debug output is enabled
ESXi/vCenter SSH Keys and Solution Certificates
vmware-vsphere / ssh-private-keys-and-certificates
ESXi and vCenter appliances use SSH keys, machine SSL certificates, solution user certificates, and trust-store secrets for administrative access and service-to-service authentication.
Looks like
pattern-----BEGIN (RSA |OPENSSH |EC |)PRIVATE KEY-----Location
VCSA and ESXi appliance key stores, SSH config, and certificate directories
VECS certificate stores, backup vaults, and password managers
support bundles, backups, and exported certificates/keys
Scope
Authorized use
LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.