处理Account locked due to 217 failed logins的问题
[root@xxx1 ~]# scp 123.txt root@IP地址:/root
Account locked due to 213 failed logins
Account locked due to 215 failed logins
Account locked due to 217 failed logins
[root@xxx2 ~]# pam_tally2 --user=root
Login Failures Latest failure From
root 226 04/14/14 10:51:15 172.25.128.80
pam_tally2: Unknown user
[root@xxx2 ~]# pam_tally2 --user=root --reset
Login Failures Latest failure From
root 226 04/14/14 10:51:15 172.25.128.80
[root@xxx2 ~]# pam_tally2 --user=root
Login Failures Latest failure From
需要查看pam认证模块
vi /etc/pam.d/password-auth
auth required pam_tally2.so file=/var/log/tallylog deny=3 even_deny_root unlock_time=1200
account required pam_tally2.so
用法:
file=/var/log/tallylog – Default log file is used to keep login counts.
deny=3 – Deny access after 3 attempts and lock down user.
even_deny_root – Policy is also apply to root user.
unlock_time=1200 – Account will be locked till 20 Min. (remove this parameters if you want to lock down permanently till manually unlock.)