HP-UX OS Servers using Remote SSH method gives errors UNKNOWN
Posted: Fri May 01, 2020 1:32 am
by veeravamsi
Hi Team,
We have a bunch of HP-UX servers and we are using check_by_ssh commands (using public-private key methodology). We are running a few custom scripts (plugins) to gather metrics, and often on a few servers we get UNKNOWN errors, and when we look at the details we noticed the errors below:
"Access is denied by the AUTH_MAXTRIES attribute in security(4).Authentication failed."
Is this a familiar error? Any guidance on the cause and fix would be really appreciated.
--Vamsi
Re: HP-UX OS Servers using Remote SSH method gives errorsUNK
Posted: Fri May 01, 2020 4:37 am
by veeravamsi
And one of the custom plugin scripts takes more than 30 seconds to return the response (which is expected), so I have added timeout=60 to that. But would this cause any issues? Meaning, do multiple connections to the same server using SSH cause any conflict?
Re: HP-UX OS Servers using Remote SSH method gives errorsUNK
Posted: Fri May 01, 2020 2:56 pm
by ssax
That really depends on how your HP-UX systems' SSH daemons are configured, but that doesn't really seem like that's the problem.
Here's what it says about AUTH_MAXTRIES:

AUTH_MAXTRIES
    This attribute controls whether an account is locked after too many consecutive authentication failures. It does not apply to trusted systems. This attribute is supported for users in all name server switch repositories, such as local, NIS and LDAP. This attribute is enforced in the pam_hpsec service module, and requires that the pam_hpsec module be configured in /etc/pam.conf. See pam_hpsec(5). Other PAM service modules in your configuration may enforce additional restrictions. The system-wide default defined here may be overridden by defining a per-user value in /var/adm/userdb (described in userdb(4)). When an account has been locked due to too many authentication failures, root can unlock the account by this command:

        userdbset -d -u username auth_failures

    AUTH_MAXTRIES=0   Any number of authentication retries is allowed.
    AUTH_MAXTRIES=N   An account is locked after N+1 consecutive authentication failures. N can be any positive integer.

    Default value: AUTH_MAXTRIES=0

Taken from here:
https://docstore.mik.ua/manuals/hp-ux/en/B2355-60130/security.4.html
whether an account is locked after too many consecutive authentication failures
So that means it had to have failed to authenticate enough times that AUTH_MAXTRIES was hit.
We would need to know why it was failing to auth. What do the security logs say?
NOTE: We are not HP-UX admins here and we do not have access to HP-UX systems for testing.
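As an added example (not part of the thread and not code from any poster), the sketch below applies the N+1 rule from the quoted security(4) text to sshd log lines, to show which account's failure streak crossed the threshold and from which source addresses. The log lines, host name, user names and addresses are constructed in OpenSSH syslog style, the function name `find_lockouts` is hypothetical, and it is an assumption that the HP-UX hosts log sshd events in this format.

```python
import re

# Constructed sample in OpenSSH syslog style; not taken from the thread.
SAMPLE_LOG = """\
May  1 01:10:02 hpux01 sshd[2101]: Failed password for nagios from 192.0.2.5 port 40112 ssh2
May  1 01:12:40 hpux01 sshd[2107]: Accepted publickey for nagios from 192.0.2.20 port 51000 ssh2
May  1 01:20:11 hpux01 sshd[2130]: Failed password for nagios from 192.0.2.5 port 40120 ssh2
May  1 01:20:15 hpux01 sshd[2131]: Failed password for nagios from 192.0.2.5 port 40121 ssh2
May  1 01:21:03 hpux01 sshd[2140]: Failed password for nagios from 192.0.2.9 port 38001 ssh2
May  1 01:21:09 hpux01 sshd[2141]: Failed password for nagios from 192.0.2.9 port 38002 ssh2
May  1 01:25:00 hpux01 sshd[2150]: Failed password for oracle from 192.0.2.7 port 42000 ssh2
May  1 01:25:30 hpux01 sshd[2151]: Accepted password for oracle from 192.0.2.7 port 42001 ssh2
"""

# timestamp, outcome, user, source address
EVENT = re.compile(
    r"^(\w{3}\s+\d+ [\d:]+) \S+ sshd\[\d+\]: (Failed|Accepted) \S+ "
    r"for (?:invalid user )?(\S+) from (\S+)"
)


def find_lockouts(log_text, auth_maxtries):
    """Return {user: {"at", "failures", "sources"}} for streaks reaching N+1."""
    if auth_maxtries == 0:  # 0 means any number of retries is allowed
        return {}
    streak, sources, locked = {}, {}, {}
    for line in log_text.splitlines():
        m = EVENT.match(line)
        if not m:
            continue
        when, outcome, user, src = m.groups()
        if outcome == "Accepted":  # a success ends the consecutive run
            streak[user], sources[user] = 0, set()
            continue
        streak[user] = streak.get(user, 0) + 1
        sources.setdefault(user, set()).add(src)
        # Lock threshold per security(4): N+1 consecutive failures.
        if streak[user] == auth_maxtries + 1 and user not in locked:
            locked[user] = {"at": when, "failures": streak[user],
                            "sources": sorted(sources[user])}
    return locked


if __name__ == "__main__":
    for user, info in find_lockouts(SAMPLE_LOG, auth_maxtries=3).items():
        print(user, info)
```

The source addresses in the result point at the client that is failing to authenticate, which may be a different host or check than the key-based check_by_ssh command that later reports the lockout.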
Re: HP-UX OS Servers using Remote SSH method gives errorsUNK
Posted: Mon May 04, 2020 8:43 am
by veeravamsi
Sure. Thanks for looking at this and giving a lead. I will ask my HP admins to look at the security logs.
You can close this thread!!
Re: HP-UX OS Servers using Remote SSH method gives errorsUNK
Posted: Mon May 04, 2020 10:02 am
by scottwilkerson
veeravamsi wrote: Sure. Thanks for looking at this and giving a lead. I will ask my HP admins to look at the security logs.
You can close this thread!!
Great!
Locking