Nvidia BlueField3 Console/SSH Login Password Issue after BF-Bundle Installation

Dear NVIDIA,

I have Nvidia BlueField3 Console/SSH Login Password Issue after BF-Bundle Installation

The DOCA Host, RSHIM and BF-Bundle are installed and followed by NVIDIA website step.

• NVIDIA DOCA 2.9.2 LTS OVS-DOCA update Downloads

https://developer.nvidia.com/doca-2-9-2-lts-ovs-doca-download-archive?deployment_platform=BlueField&deployment_package=BF-FW-Bundle&installer_type=BFB

• DOCA-Host Installation and Upgrade

https://docs.nvidia.com/doca/sdk/doca-host+installation+and+upgrade/index.html

• BF-Bundle Installation and Upgrade

https://docs.nvidia.com/doca/sdk/bf-bundle+installation+and+upgrade/index.html

But after BF-Bundle Installation, I have Console/SSH Login Password Issue, it always says that my password is wrong.

Here is the methods I have tried.

1. I chose the option 2 to set Pre-defined Password(lanner or lanner123) when installing BF-Bundle image.

After installation, the Host can connect to BF3 via BF3 console or SSH

But both SSH BF3 console can’t login because it shows password error

SSH login password fail823×295 64.8 KB

2. I also try to choose the option 1 to set No Pre-defined Password, but it still need password for SSH or Console Login

3. I tried these 3 default password for console login, but useless

ubuntu, nvidia, bluefield

4. I re-install DOCA Host and BF-Bundle for these 2 versions, repeat step 1-3, all of them have login password issue.

NVIDIA DOCA 2.9.2

Host version: doca-host_2.9.2-012101-24.10-ubuntu2204_amd64.deb

BF-Bundle version: bf-fwbundle-2.9.2-32-prod.bfb

NVIDIA DOCA 3.1.0

Host version: doca-host_3.1.0-091000-25.07-ubuntu2204_amd64.deb

BF-Bundle version: bf-fwbundle-3.1.0-76_25.07-prod.bfb

5. I check the ChatGPT, it says this issue happens after DOCA 2.8.

I have tried all the solutions that ChatGPT provided, but useless.

What you’re seeing — the DPU boots up but won’t accept the default login, and there’s no “set a new password” prompt — is a common Cloud-init auto-lock issue in recent BlueField OS releases (especially DOCA 2.9.2 and later).

Here’s a simple breakdown 👇

🧩 Why can’t you log in after reflashing the BFB?

1️⃣ Cloud-init locks the default account
Starting from DOCA 2.8, NVIDIA changed the BlueField initialization process.
During the first boot, cloud-init reads /etc/cloud/cloud.cfg.d/99_nvidia.cfg, which includes:

disable_root: true  
lock_passwd: true

That means:

• The default ubuntu account gets locked (even if the password is correct).

• You won’t see the usual “please set a new password” prompt.

2️⃣ RShim installation triggers cloud-init automatically
When the BFB image is flashed from the host using RShim, the system runs cloud-init on first boot.
If there’s no external DHCP or metadata server, it may generate a random password — or skip creating the ubuntu account entirely.
That’s why your console never shows the normal login screen.

Can you help to check what happens in my case?

Hi,

I think you need to change the password via the serial connection after installation. Once the password is changed, you should be able to access the device over SSH.

default username/password → ubuntu/ubuntu

Please let me know if this works.

Thanks

Dear Tuanama00,

I have tried your method more than 10 times just like I said before, but it didn’t work. It always shows password error when console or SSH login.

Here is what I have done again and again.

1. I re-installed both DOCA 2.9.2 LTS (bf-fwbundle-2.9.2-32-prod.bfb) and DOCA 3.1.0 (bf-fwbundle-3.1.0-76_25.07-prod.bfb) following the official DOCA Host and BF-Bundle installation guides.
2. After each installation, the DPU boots correctly and is reachable from the host via RShim, but both SSH and console reject all passwords.
3. The console immediately prompts for a password and returns “login incorrect”, so it is impossible to reach a shell to change the password manually.
4. I tested both installer options:

   • Option 1: “No Pre-defined Password” → still requires a password.

   • Option 2: “Pre-defined Password (lanner / lanner123)” → same failure.

5. Default credentials (ubuntu/ubuntu, ubuntu/nvidia, ubuntu/bluefield) also fail on every attempt.
6. This behavior occurs consistently across both DOCA 2.9.2 and 3.1.0 releases.
7. Based on my analysis, the issue appears related to cloud-init automatically locking or overwriting the default “ubuntu” account during first boot when using RShim installation.
8. Request: Could NVIDIA engineering confirm if this is an expected behavior in recent releases, and provide the official method or installation flag (e.g., --no-autoinstall or --disable-cloud-init) to prevent cloud-init from locking the default account during BF-Bundle installation?

• BFB installation log → the password is ‘ubuntu’ in this case

root@lanner:/home/f5/nvidia# cat bf.cfg
ubuntu_PASSWORD=$1$mteJycfu$e7dfqtb5CHLm/KsLyAPoF0
root@lanner:/home/f5/nvidia# bfb-install --rshim rshim0 --bfb bf-fwbundle-2.9.2-32-prod.bfb --config bf.cfg
Checking if local host has root access…
Checking if rshim driver is running locally…
Warn: ‘pv’ command not found. Continue without showing BFB progress.
Pushing bfb + cfg
Collecting BlueField booting status. Press Ctrl+C to stop…
INFO[PSC]: PSC BL1 START
INFO[BL2]: start
INFO[BL2]: boot mode (rshim)
INFO[BL2]: VDD_CPU: 850 mV
INFO[BL2]: VDDQ: 1120 mV
INFO[BL2]: DDR POST passed
INFO[BL2]: UEFI loaded
INFO[BL31]: start
INFO[BL31]: lifecycle GA Secured
INFO[BL31]: runtime
INFO[BL31]: MB ping success
INFO[UEFI]: eMMC init
INFO[UEFI]: eMMC probed
INFO[UEFI]: UPVS valid
INFO[UEFI]: PMI: updates started
INFO[UEFI]: PMI: total updates: 1
INFO[UEFI]: PMI: updates completed, status 0
INFO[UEFI]: PCIe enum start
INFO[UEFI]: PCIe enum end
INFO[UEFI]: UEFI Secure Boot (disabled)
INFO[UEFI]: PK configured
INFO[UEFI]: Redfish enabled
INFO[UEFI]: exit Boot Service
INFO[MISC]: Found bf.cfg
INFO[MISC]: Installed NIC Firmware is the same as provided. Skipping NIC Firmware update.
INFO[MISC]: Installation finished

• Rshim status

root@lanner:/home/f5/nvidia# systemctl status rshim
● rshim.service - rshim driver for BlueField SoC
Loaded: loaded (/lib/systemd/system/rshim.service; enabled; vendor preset:>
Active: active (running) since Thu 2025-10-16 08:39:03 UTC; 3 days ago
Docs: man:rshim(8)
Main PID: 265637 (rshim)
Tasks: 8 (limit: 115287)
Memory: 1.0M
CPU: 55min 36.060s
CGroup: /system.slice/rshim.service
└─265637 /usr/sbin/rshim

Oct 16 08:44:50 lanner rshim[265637]: rshim0 set to locked mode
Oct 16 08:44:51 lanner rshim[265637]: rshim0 set to unlocked mode
Oct 17 01:36:42 lanner rshim[265637]: rshim0 boot open
Oct 17 01:38:02 lanner rshim[265637]: rshim0 boot close
Oct 17 01:38:55 lanner rshim[265637]: rshim0 set to locked mode
Oct 17 01:38:56 lanner rshim[265637]: rshim0 set to unlocked mode
Oct 20 03:17:37 lanner rshim[265637]: rshim0 boot open
Oct 20 03:18:54 lanner rshim[265637]: rshim0 boot close
Oct 20 03:19:47 lanner rshim[265637]: rshim0 set to locked mode
Oct 20 03:19:48 lanner rshim[265637]: rshim0 set to unlocked mode

• BF card status

root@lanner:/home/f5/nvidia# sudo cat /dev/rshim0/misc

DISPLAY_LEVEL 2 (0:basic, 1:advanced, 2:log)
BF_MODE Unknown
BOOT_MODE 1 (0:rshim, 1:emmc, 2:emmc-boot-swap)
BOOT_TIMEOUT 300 (seconds)
USB_TIMEOUT 40 (seconds)
DROP_MODE 0 (0:normal, 1:drop)
SW_RESET 0 (1: reset)
DEV_NAME pcie-0000:5c:00.2
DEV_INFO BlueField-3(Rev 1)
OPN_STR N/A
UP_TIME 1822(s)
SECURE_NIC_MODE 0 (0:no, 1:yes)
FORCE_CMD 0 (1: send Force command)

         Log Messages

INFO[PSC]: PSC BL1 START
INFO[BL2]: start
INFO[BL2]: boot mode (emmc)
INFO[BL2]: VDD_CPU: 850 mV
INFO[BL2]: VDDQ: 1120 mV
INFO[BL2]: DDR POST passed
INFO[BL2]: UEFI loaded
INFO[BL31]: start
INFO[BL31]: lifecycle GA Secured
INFO[BL31]: runtime
INFO[BL31]: MB ping success
INFO[UEFI]: eMMC init
INFO[UEFI]: eMMC probed
INFO[UEFI]: UPVS valid
INFO[UEFI]: PCIe enum start
INFO[UEFI]: PCIe enum end
INFO[UEFI]: PMI: updates started
INFO[UEFI]: PMI: total updates: 1
INFO[UEFI]: PMI: updates completed, status 0
INFO[UEFI]: PMI: updates started
INFO[UEFI]: PMI: total updates: 6
INFO[UEFI]: PMI: updates completed, status 0
INFO[UEFI]: UEFI Secure Boot (disabled)
INFO[UEFI]: PK configured
INFO[UEFI]: Redfish enabled
INFO[UEFI]: DPU-BMC RF credentials found
INFO[UEFI]: exit Boot Service
INFO[MISC]: Linux up
INFO[MISC]: DPU is ready

Hi Sam_Zhang

follow this steps, please not use --config bf.cfg, I mean use only this command

bfb-install --bfb bf-bundle-3.1.0-76_25.07_ubuntu-22.04_prod.bfb --rshim rshim0

Checking if local host has root access…

Checking if rshim driver is running locally…

Pushing bfb

1.36GiB 0:01:13 [19.0MiB/s] [ <=> ]

Collecting BlueField booting status. Press Ctrl+C to stop…

INFO[BL2]: start

INFO[BL2]: boot mode (rshim)

INFO[BL2]: DDR POST passed

INFO[BL2]: UEFI loaded

INFO[BL31]: start

INFO[BL31]: lifecycle GA Secured

INFO[BL31]: runtime

INFO[UEFI]: UPVS valid

INFO[UEFI]: eMMC init

INFO[UEFI]: eMMC probed

INFO[UEFI]: PMI: updates started

INFO[UEFI]: PMI: total updates: 1

INFO[UEFI]: PMI: updates completed, status 0

INFO[UEFI]: PCIe enum start

INFO[UEFI]: PCIe enum end

INFO[UEFI]: UEFI Secure Boot (disabled)

INFO[UEFI]: Redfish enabled

INFO[UEFI]: exit Boot Service

INFO[MISC]: Erasing eMMC drive: /dev/mmcblk0

INFO[MISC]: Ubuntu installation started

INFO[MISC]: Installing OS image

INFO[MISC]: Ubuntu installation completed

INFO[MISC]: Installed NIC Firmware is the same as provided. Skipping NIC Firmware update.

INFO[MISC]: Installation finished

After finish you need enter to console with this command

# sudo screen /dev/rshim0/console 115200

After you enter to console, need login using username: ubuntu password: ubuntu

When you complete this steps you will access over SSH.

Let me know if this works for you.

Thanks

Dear Tuanama00,

I have already mentioned that at the first begining, I have tried both
option 1: No Pre-defined Password

option 2: Pre-defined Password

SSH or Console login always have password error and can’t login to BF3 successfully.
Please read my whole story that I have tried and give me some useful information.

root@lanner:/home/f5/nvidia# bfb-install --bfb bf-fwbundle-2.9.2-32-prod.bfb --rshim rshim0
Checking if local host has root access…
Checking if rshim driver is running locally…
Warn: ‘pv’ command not found. Continue without showing BFB progress.
Pushing bfb
Collecting BlueField booting status. Press Ctrl+C to stop…
INFO[PSC]: PSC BL1 START
INFO[BL2]: start
INFO[BL2]: boot mode (rshim)
INFO[BL2]: VDD_CPU: 851 mV
INFO[BL2]: VDDQ: 1120 mV
INFO[BL2]: DDR POST passed
INFO[BL2]: UEFI loaded
INFO[BL31]: start
INFO[BL31]: lifecycle GA Secured
INFO[BL31]: runtime
INFO[BL31]: MB ping success
INFO[UEFI]: eMMC init
INFO[UEFI]: eMMC probed
INFO[UEFI]: UPVS valid
INFO[UEFI]: PMI: updates started
INFO[UEFI]: PMI: total updates: 1
INFO[UEFI]: PMI: updates completed, status 0
INFO[UEFI]: PCIe enum start
INFO[UEFI]: PCIe enum end
INFO[UEFI]: UEFI Secure Boot (disabled)
INFO[UEFI]: PK configured
INFO[UEFI]: Redfish enabled
INFO[UEFI]: exit Boot Service
INFO[MISC]: Installed NIC Firmware is the same as provided. Skipping NIC Firmware update.
INFO[MISC]: Installation finished
root@lanner:/home/f5/nvidia#

# sudo screen /dev/rshim0/console 115200

image556×376 6.45 KB

Dear Tuanama00,

I just find that image I downloaded is the “bf-fwbundle-2.9.2-32-prod.bfb” which doesn’t contain OS image inside.

After I downloaded “bf-bundle-2.9.2-31_25.02_ubuntu-22.04_prod.bfb”. The password can be changed, and I can login to BF3 now.

Case can be closed now.

Thanks for your great support.

image1498×844 55.7 KB

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.