user account gets locked out after 5 successful public-key based ssh logins

Aug 19, 2011 8:02AM · Aug 19, 2011 8:02AM

Hi Experts,

We implemented account locking feature recently. We observed a strange behaviour on one of our server: the account gets locked out after 5 successful public-key based logins via ssh:

/etc/security/policy.conf:
LOCK_AFTER_RETRIES=YES
/etc/default/login:
RETRIES=5

# grep sybase /etc/passwd
sybase:x:100:100:Sybase User Account:/apps/sybase:/bin/ksh

Below is the messages found in /var/adm/messages:

Aug 19 10:52:47 sbuatsvrp291 sshd[17663]: [ID 800047 auth.info] Accepted publickey for sybase from 172.22.12.222 port 41629 ssh2
Aug 19 10:52:48 sbuatsvrp291 sshd[17683]: [ID 800047 auth.info] Accepted publickey for sybase from 172.22.12.222 port 41631 ssh2
Aug 19 10:52:49 sbuatsvrp291 sshd[17697]: [ID 800047 auth.info] Accepted publickey for sybase from 172.22.12.222 port 41637 ssh2

Oracle Solaris System Administration (MOSC)

user account gets locked out after 5 successful public-key based ssh logins

Howdy, Stranger!

Category Leaderboard

Top contributors this month