[prev] [thread] [next] [lurker] [Date index for 2006/02/15]
--1SQmhf2mF2YjsYvc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable So, there's this AIX box I've to work with. And on this AIX box, there's a user account I often need to work with. So, I want to be able to ssh to that user directly, instead of using ssh & su. I add my public key to the users authorized_keys file, and try to ssh. Failure. Checking the logs, it turns out that permission is denied because there are to many failed attempts. Now I have root on the box, but it's been more than a decade since I=20 last did any administration on an AIX box. Hence, I dive in the manual pages to find out how to fix this. After some digging, there's the command 'chkusr' that looks promising. Indeed, it reports the user has too many failed login attempts, and there's even an option to fix this. So, I run chkusr with the repair option, and it's fixed. Except that it now reports that the account is locked, and it can't fix that. And of course, ssh still doesn't work. Back to the manual pages. Ah, there's SMIT with the 'chuser' argument - for changing user parameters. Just what I need. And there it is, "account locked" is set to true. I switch it to false. Save and quit. Try ssh again. Failed. Too many failed login attempts. WTF? Run SMIT again. The account isn't locked. 'chkusr' says the user has too many failed login attempts, but it can fix that. And so it does. But that results in the account being locked again. Each time when I run 'SMIT chuser' to unlock the account, it starts thinking that the account has too many failed login attempts, and when I use 'chkusr' to unset this flag, the account becomes locked. Only later I learn that if you run SMIT with a different command, you can set even more user parameters, including both the 'locked' and the 'too many failed login attempts' flags. Abigail --1SQmhf2mF2YjsYvc Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFD84cFBOh7Ggo6rasRAhQ4AKCr9qiUu5WOSNVKJkRx0DLj5lWnqACgpDrf bJJq5UXIFKsJvAz9uVCXYa8= =+smE -----END PGP SIGNATURE----- --1SQmhf2mF2YjsYvc--
Generated at 16:00 on 17 Feb 2006 by mariachi 0.52