You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

OCI: Instance 20 Second Delay After Bad Password Login Attempt in SSH

edited Jan 12, 2023 8:24AM in Linux

Applies to

Oracle Cloud Infrastructure - Version N/A and later

Linux x86-64


Symptoms

When a wrong password is used when logging into an instance using SSH password authentication, there is a delay of 20 seconds before the next password prompt is displayed.


Cause

The /etc/pam.d/system-auth or /etc/pam.d/password-auth files include entries for LDAP/AD 

authentication in addition to local user authentication.

Example:
auth        required      pam_env.so
auth        required      pam_tally2.so deny=3 unlock_time=2
auth        sufficient    pam_unix.so nullok try_first_pass
auth        sufficient    pam_krb5.so try_first_pass realm=<LDAP-DOMAIN1>
auth        sufficient    pam_krb5.so try_first_pass realm=<LDAP-DOMAIN2>
auth        requisite     pam_succeed_if.so uid >= 500 quiet_success
auth        required      pam_deny.so

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!