Quantrinet: a forum for sharing networking, internet and information security tips for the Vietnamese IT community, hoping to be a useful place for the community


hoctinhoc 09-12-2021 10:04 AM

Unable to log in because of an ESXi root account lockout

Fix: Unable to log in because of an ESXi root account lockout

How to fix:

SSH into VMware ESXi and run the following commands to reset the login:

pam_tally2 --user root
pam_tally2 --user root --reset




When starting one of my VMware ESXi 6.5 lab hosts I was unable to log in using the vSphere Host Client. I tried to make an SSH session to the host but got an “Access Denied” message.
When using the Direct Console Interface (DCUI) I was able to log in using the root account. In the log folder (under /var/log) I found, by investigating the following log files, that the root account is locked because of many failed attempts:
vobd.log


2018-01-02T10:57:00.003Z: [GenericCorrelator] 5612887277us: [vob.user.account.locked] Remote access for ESXi local user account 'root' has been locked for 900 seconds after 58 failed login attempts.
2018-01-02T10:57:00.003Z: [UserLevelCorrelator] 5612887277us: [vob.user.account.locked] Remote access for ESXi local user account 'root' has been locked for 900 seconds after 58 failed login attempts.
2018-01-02T10:57:00.003Z: [UserLevelCorrelator] 5612887502us: [esx.audit.account.locked] Remote access for ESXi local user account 'root' has been locked for 900 seconds after 58 failed login attempts.


auth.log
2018-01-02T11:02:08Z sshd[117700]: Connection from 192.168.249.23 port 63449
2018-01-02T11:02:09Z sshd[117701]: pam_tally2(sshd:auth): user root (0) tally 72, deny 5
2018-01-02T11:02:14Z sshd[117700]: error: PAM: Authentication failure for root from 192.168.249.23
2018-01-02T11:02:14Z sshd[117710]: pam_tally2(sshd:auth): user root (0) tally 73, deny 5




By default the ESXi 6.x password requirements for lockout behavior are:
  • A maximum of ten failed attempts is allowed before the account is locked
  • Password lockout is active on SSH and the vSphere Web Service SDK
  • Password lockout is not active on the Direct Console Interface (DCUI) and the ESXi Shell
To view the number of failed login attempts use the following command:


pam_tally2 --user root




In my example there were 58 failed root login attempts:


Login           Failures Latest failure     From
root               58    01/02/18 10:56:59  unknown




To clear the password lockout use the following command:

pam_tally2 --user root --reset




After this command I was able to log in to the vSphere Host Client. In the vSphere Host Client I found the VM that is causing the root account lockout:
https://www.ivobeerens.nl/wp-content...1-1024x336.jpg
The VM was monitoring the vSphere ESXi host with the wrong root password. After changing the password the account lockout problem was solved.


https://www.ivobeerens.nl/2018/01/02...ccount-locked/
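
An added example, not part of the original post or the linked blog: a Python parser that pulls the lockout evidence out of auth.log and vobd.log lines like those quoted above and counts failed logins per source address, so the client sending the wrong password can be identified from the logs before the tally is reset. The function name and the sample log text are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample input, modelled on the auth.log and vobd.log lines quoted in the post.
SAMPLE_AUTH_LOG = """\
2018-01-02T11:02:08Z sshd[117700]: Connection from 192.168.249.23 port 63449
2018-01-02T11:02:09Z sshd[117701]: pam_tally2(sshd:auth): user root (0) tally 72, deny 5
2018-01-02T11:02:14Z sshd[117700]: error: PAM: Authentication failure for root from 192.168.249.23
2018-01-02T11:02:14Z sshd[117710]: pam_tally2(sshd:auth): user root (0) tally 73, deny 5
"""
SAMPLE_VOBD_LOG = """\
2018-01-02T10:57:00.003Z: [GenericCorrelator] 5612887277us: [vob.user.account.locked] Remote access for ESXi local user account 'root' has been locked for 900 seconds after 58 failed login attempts.
2018-01-02T10:57:00.003Z: [UserLevelCorrelator] 5612887277us: [vob.user.account.locked] Remote access for ESXi local user account 'root' has been locked for 900 seconds after 58 failed login attempts.
"""

FAILURE_RE = re.compile(r"^(\S+) \S+: error: PAM: Authentication failure for (\S+) from (\S+)")
TALLY_RE = re.compile(r"pam_tally2\(\S+\): user (\S+) \(\d+\) tally (\d+), deny (\d+)")
LOCKED_RE = re.compile(r"^(\S+?): .*\[vob\.user\.account\.locked\].*account '([^']+)' has been locked "
                       r"for (\d+) seconds after (\d+) failed login attempts")

def summarize(auth_log, vobd_log):
    """Return per-user lockout evidence: failure sources, latest tally, lock events."""
    report = {}
    def entry(user):
        return report.setdefault(user, {"sources": Counter(), "tally": None, "deny": None, "locks": set()})
    for line in auth_log.splitlines():
        m = FAILURE_RE.search(line)
        if m:  # count each failed login against the address it came from
            entry(m.group(2))["sources"][m.group(3)] += 1
        m = TALLY_RE.search(line)
        if m:  # keep the most recent pam_tally2 counter and its deny threshold
            e = entry(m.group(1))
            e["tally"], e["deny"] = int(m.group(2)), int(m.group(3))
    for line in vobd_log.splitlines():
        m = LOCKED_RE.search(line)
        if m:  # a set collapses the same event logged by several correlators
            entry(m.group(2))["locks"].add((m.group(1), int(m.group(3)), int(m.group(4))))
    return report

if __name__ == "__main__":
    for user, e in summarize(SAMPLE_AUTH_LOG, SAMPLE_VOBD_LOG).items():
        state = "exceeds deny limit" if e["tally"] is not None and e["tally"] > e["deny"] else "ok"
        print(f"{user}: tally={e['tally']} deny={e['deny']} ({state})")
        for src, n in e["sources"].most_common():
            print(f"  {n} failure(s) from {src}")
        for ts, secs, attempts in sorted(e["locks"]):
            print(f"  locked at {ts} for {secs}s after {attempts} attempts")
```
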

