Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: max_connections in ssh
Operating Systems AIX max_connections in ssh Post 302166926 by bakunin on Wednesday 13th of February 2008 05:15:14 AM
Old 02-13-2008
Quote:
Originally Posted by invinzin21
no error occured. But i checkd the loginfailed its ssh user...
invinzin21, you seem not to understand what HPAVC is trying to tell you: provide some info! To tell us "the account locks up" is fine, but how exactly is it locked up? Provide some output of "lsuser <ssh_user_account>", tell us what the "max_logins" line in /etc/security/login.defs is looking like (as i told you already), etc. Maybe its as simple as the ssh command giving the wrong password. AIX locks accounts if a maximum of failed login attempts is exeeded and they have to be unlocked by the administrator then - but that (as all the other things told to you) ARE JUST GUESSES and this is what we are left to as long as you do not show us some output of your actual system.

If you have a broken bycycle and want the mechanic to fix it you BRING IT THERE TO SHOW - you don't just call and tell the guy "yeah, well, it somehow doesn't go anymore or so".

HPAVC also asked about OS version and release level - still unanswered.

Sticking with the example above: if the poor guy on the phone is trying to find whats wrong with your bike and asks you which model it is: do you tell him "a yellow one" or do you think manufacturer, model number, year of purchase and similar information would be more useful to him?

bakunin
 

5 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

could not send commands SSH session with Net::SSH::Expect

I am using Net::SSH::Expect to connect to the device(iLO) with SSH. After the $ssh->login() I'm able to view the prompt, but not able to send any coommands. With the putty I can connect to the device and execute the commands without any issues. Here is the sample script my $ssh =... (0 Replies)
Discussion started by: hansini
0 Replies

2. Shell Programming and Scripting

Using ssh to add register key on ssh server

Hi, I want to use ssh to add a register key on remote ssh server. Since there are space characters in my register key string, it always failed. If there is no space characters in the string, it worked fine. The following is what I have tried. It seems that "ssh" command doesn't care about double... (9 Replies)
Discussion started by: leaftree
9 Replies

3. Shell Programming and Scripting

Ssh = ssh expect and keep everything not change include parameter postion

I have write a script which contains ssh -p 12345 dcplatform@10.125.42.50 ssh 127.0.0.1 -p 5555 "$CMD" ssh root@$GUEST_IP "$CMD" before I use public key, it works well, now I want to change to "expect", BUT I don't want to change above code and "parameter position" I can post a... (1 Reply)
Discussion started by: yanglei_fage
1 Replies

4. UNIX for Beginners Questions & Answers

Ssh script to validate ssh connection to multiple serves with status

Hi, I want to validate ssh connection one after one for multiple servers..... password less keys already setup but now i want to validate if ssh is working fine or not... I have .sh script like below and i have servers.txt contains all the list of servers #/bin/bash for host in $(cat... (3 Replies)
Discussion started by: sreeram4
3 Replies

5. Shell Programming and Scripting

Find active SSH servers w/ ssh keys on LAN

Hi, I am trying to complete my bash script in order to find which SSH servers on LAN are still active with the ssh keys, but i am frozen at this step: #!/bin/bash # LAN SSH KEYS DISCOVERY SCRIPT </etc/passwd \ grep /bin/bash | cut -d: -f6 | sudo xargs -i -- sh -c ' && cat... (11 Replies)
Discussion started by: syrius
11 Replies

LEARN ABOUT OSF1

login

login(1)						      General Commands Manual							  login(1)

NAME

       login - Signs the user on to the system

SYNOPSIS

       login [-p] [-h host] [[-f] user]

       The login command is used when a user initially signs on to the system and also by daemons, such as ftp, to create a user's environment.

       This  security-sensitive command uses the Security Integration Architecture (SIA) routine as an interface to the security mechanism(s) that
       perform the actual user validation. See the matrix.conf(4) reference page for more information.

OPTIONS

       With the exception of -p, these options are available only to the superuser.  Used by telnetd and other servers to list the host from which
       the  connection	was received.  Used with a user name user on the command line to indicate that proper authentication was already done, and
       that no password needs to be requested.	Causes the remainder of the environment to be preserved; otherwise, any  previous  environment	is
       discarded.

DESCRIPTION

       The invocation of login for initial signon is made by a system program or server using the privileged -h and -f forms of the login command.

       If  login  is  invoked  without an argument, it asks for a user name, and, if appropriate, a password.  Echoing is turned off (if possible)
       during the entering of the password, so it will not appear on the written record of the session.

       After a successful login, accounting files are updated.	You are informed of the existence of mail, and the message of the day and the time
       of  last  login	are displayed.	The mail message, the message of the day, and the last login time are suppressed if there is a file in the
       home directory; this is mostly used to make life easier for users such as uucp.

								      Security Note

       If you have enhanced security installed on your system, the login command prints the last successful and unsuccessful login times and  ter-
       minal  devices.	 If  the  account  does  not have a password and the authentication profile for the account requires one, login starts the
       passwd command to establish one for the account.

       The login command prohibits you from logging in if any of the following are true: The password for the account has expired and  you  cannot
       successfully  change the password.  The password lifetime for the account has passed.  The administrative lock on the account was set.  The
       maximum number of unsuccessful login attempts for the account was exceeded.  The maximum number of unsuccessful login attempts for the ter-
       minal was exceeded.  The administrative lock on the terminal was set.  The terminal has an authorized user list and you are not on it.  The
       terminal has time of day restrictions and the current time is not within them.  The account was retired by the system administrator.

       The login command initializes the user and group IDs and the working directory, and then executes a command interpreter	according to spec-
       ifications found in the password file. Argument 0 (zero) of the command interpreter is the name of the command interpreter with a leading -
       (dash).

       The login command also modifies the environment with information specifying home directory, command interpreter, terminal type  (if  avail-
       able), and user name.

								      Security Note

       If  you	have enhanced security installed on your system, the login command always allows root to log in at the console to avoid the situa-
       tion where all accounts and terminals are locked.

       If either /etc/nologin_hostname or /etc/nologin exists, login prints the contents on your terminal and exits. The shutdown command  creates
       /etc/nologin_hostname (or /etc/nologin in  the case of a clusterwide shutdown) to stop users from logging in when  the system or cluster is
       about to go down.

       Login is recognized by sh, csh, and ksh and executed directly (without forking).

ERRORS

       The user name or the password is invalid.  Consult your system administrator.

									 Security Note

	      If you have enhanced security installed on your system, you may see the following diagnostic  messages:  The  login  command  cannot
	      invoke  the passwd program.  The passwd program is invoked, the user is unable to change the password, and the account requires one.
	      is allowed

	      The login command is allowing a root login at the system console, despite a condition that would normally not allow  such  a  login.
	      The  account  is locked for one of the reasons previously listed.  The terminal is locked for one of the reasons previously  listed.
	      You are not on the authorized user list for the terminal.  The current time is not within the current time-of-day  restrictions  for
	      the terminal.

	      After  an  unsuccessful  login  attempt,	login  waits a specified (configurable) amount of time before it prompts for another login
	      attempt.

	      If the account's password was changed by another user, login prints the time the password was changed and the user who changed it.

	      If your password is about to expire, login warns you of the time of the impending expiration.  Your system  administrator  sets  the
	      warning period.

FILES

       Contains  user and accounting information.  Contains login history.  Contains last login time stamps.  Mail directory.  Message of the day.
       Contains user information.  Stops logins. In a cluster, /etc/nologin is used instead.  Suppresses mail notification, message  of  the  day,
       and last login time.

SEE ALSO

       Commands:   binmail(1), chfn(1), chsh(1), getty(8), init(8), Mail(1), mail(1), mailx(1), passwd(1), rlogin(1), shutdown(8)

       Function:  getpass(3)

       Files:  matrix.conf(4), passwd(4), utmp(4)

       Security

																	  login(1)
All times are GMT -4. The time now is 08:37 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy