处理Account locked due to 217 failed logins的问题

处理Account locked due to 217 failed logins的问题
[root@xxx1 ~]# scp 123.txt root@IP地址:/root
Account locked due to 213 failed logins

Account locked due to 215 failed logins

Account locked due to 217 failed logins

 

[root@xxx2 ~]# pam_tally2 --user=root
Login           Failures Latest failure     From
root              226    04/14/14 10:51:15  172.25.128.80

pam_tally2: Unknown user
[root@xxx2 ~]# pam_tally2 --user=root --reset
Login           Failures Latest failure     From
root              226    04/14/14 10:51:15  172.25.128.80
[root@xxx2 ~]# pam_tally2 --user=root
Login           Failures Latest failure     From

 

需要查看pam认证模块
vi /etc/pam.d/password-auth
auth        required      pam_tally2.so  file=/var/log/tallylog deny=3 even_deny_root unlock_time=1200

account     required      pam_tally2.so

 

用法：
file=/var/log/tallylog – Default log file is used to keep login counts.
deny=3 – Deny access after 3 attempts and lock down user.
even_deny_root – Policy is also apply to root user.
unlock_time=1200 – Account will be locked till 20 Min. (remove this parameters if you want to lock down permanently till manually unlock.)

 

转载于:https://blog.51cto.com/miaopan/1558725