Unable to access NetScaler via SSH. SSH daemon process not running or able to start.


Article ID: CTX633228


Description

  • Device not accessible via SSH.
  • Admin GUI actions that require SSH (i.e. Generate Tech Support Bundle, Ping, simulated CLI) do not work and show the error "{"errorcode":"2138","message":"Not authorized to execute this command","severity":"ERROR"}".
  • Unable to access device via SCP.
  • sshd process not running and unable to start.

Resolution

Accessed via serial console and modified the contents of the SSH daemon configuration files (/nsconfig/sshd_config and /etc/sshd_config) to make sure they contain all of the required configuration lines.

For reference, the contents of sshd_config should be:

Port 22
ListenAddress 0.0.0.0
ListenAddress ::
Protocol 2
HostKey	/nsconfig/ssh/ssh_host_rsa_key
HostKey	/nsconfig/ssh/ssh_host_dsa_key
LoginGraceTime 120
PermitRootLogin yes
LogLevel INFO
IgnoreRhosts no
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
SyslogFacility AUTH
PasswordAuthentication yes 
# UsePrivilegeSeparation: deprecated, but keeping it for upgrade/downgrade.
UsePrivilegeSeparation no
UsePam no 
UseDNS no
ClientAliveInterval 10
# after 15 seconds of no data send clientalive
ClientAliveCountMax 5
# only allow 3 outstanding clientalives aka 45 seconds detect disconnect
# CheckMail no
# PidFile /u/zappa/.ssh/pid
# AllowHosts *.our.com friend.other.com
# DenyHosts lowsecurity.theirs.com *.evil.org evil.org
# Umask 022
# SilentDeny yes
Subsystem       sftp    /usr/libexec/sftp-server
AllowTcpForwarding no
# 
MaxStartups 10:30:60
#
Banner /etc/issue.net
#
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc
MACs umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512
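
One way to check a file for missing lines before restarting the daemon, as an added example that is not part of the original article or Citrix code: it compares a candidate sshd_config against a known-good copy and prints the directives that are absent. The function names and the sample files are assumptions constructed for illustration; the reference excerpt is taken from the listing above.

```shell
#!/bin/sh
# Added example (not Citrix code): report which directives from a known-good
# sshd_config are missing from a candidate file such as /nsconfig/sshd_config.

# normalize FILE: strip comments and blank lines, lowercase the keyword (sshd
# keywords are case-insensitive), and collapse whitespace to single spaces.
normalize() {
    awk '{ sub(/#.*/, "") }
         NF { $1 = tolower($1); print }' "$1" | LC_ALL=C sort -u
}

# missing_directives REFERENCE CANDIDATE
# Prints each reference directive that the candidate lacks; prints nothing
# when the candidate contains every reference line.
missing_directives() {
    ref_n=$(mktemp) || return 2
    cand_n=$(mktemp) || { rm -f "$ref_n"; return 2; }
    normalize "$1" > "$ref_n"
    normalize "$2" > "$cand_n"
    LC_ALL=C comm -23 "$ref_n" "$cand_n"
    rm -f "$ref_n" "$cand_n"
}

# demo: constructed sample files. The reference is a short excerpt of the
# listing above; the candidate imitates a file that lost most of its lines.
demo() {
    d=$(mktemp -d) || return 2
    cat > "$d/reference" <<'EOF'
Port 22
Protocol 2
HostKey   /nsconfig/ssh/ssh_host_rsa_key
UsePam no
# CheckMail no
Subsystem       sftp    /usr/libexec/sftp-server
MaxStartups 10:30:60
EOF
    cat > "$d/candidate" <<'EOF'
# constructed: truncated file
port 22
HostKey /nsconfig/ssh/ssh_host_rsa_key
MaxStartups 10:30:60
EOF
    missing_directives "$d/reference" "$d/candidate"
    rm -rf "$d"
}

demo
```

Call `missing_directives` with a saved known-good copy as the first argument and /nsconfig/sshd_config, then /etc/sshd_config, as the second. Keywords in the output are lowercased by the normalization step.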

Problem Cause

The SSH daemon configuration files (/nsconfig/sshd_config and /etc/sshd_config) had been modified, and most configuration lines were missing from them. As a result, the SSH daemon process has been unable to start since the node was restarted.