1385 shaares
1141 private links
1141 private links
1 result
tagged
tally
Symptôme
$ su - johndoe
Account locked due to 70 failed logins
Password:
su: incorrect password
Dans /var/log/secure
on constate
Apr 21 17:20:59 myhost su: pam_tally2(su-l:auth): user johndoe (20001) tally 70, deny 5
Apr 21 17:21:01 myhost unix_chkpwd[14328]: password check failed for user (johndoe)
Apr 21 17:21:01 myhost su: pam_unix(su-l:auth): authentication failure; logname=janedoe uid=1099 euid=0 tty=pts/1 ruser=janedoe rhost= user=johndoe
Apr 21 17:21:01 myhost su: pam_sss(su-l:auth): authentication failure; logname=janedoe uid=1099 euid=0 tty=pts/1 ruser=janedoe rhost= user=johndoe
Apr 21 17:21:01 myhost su: pam_sss(su-l:auth): received for user johndoe: 10 (User not known to the underlying authentication module)
Le compte ne semble pourtant pas verrouillé
# passwd -S johndoe
johndoe PS 2023-04-21 1 60 10 -1 (Password set, MD5 crypt.)
La méthode classique pour déverrouiller le compte ne fonctionne pas
# usermod -U johndoe
Il est verrouillé par tally, il faut donc le déverrouiller avec tally..
# pam_tally2 -r -u johndoe