Unable to Unlock Account on Ubuntu 18.04 - "Account locked due to 50 failed logins"
Solution 1
Nate:
I understand that you have the problem with user "user". You could use the pam_tally2 command:
$ -> whatis pam_tally2
pam_tally2 (8) - The login counter (tallying) module
Try:
pam_tally2 --user=user --reset
You can check if the counter is reset with:
pam_tally2 --user=user
Solution 2
The reason is because, your login is locked by the pam module for exceeding the deny variable, generally set in /etc/pam.d/common-auth
.
The methods you have tried would work, if the password or account were locked/expired in the /etc/shadow
file instead.
I second @Adrian's answer here. Adding up to it
"pam_tally2 module is used to lock user accounts after certain number of failed ssh login attempts made to the system. This module keeps the count of attempted accesses and too many failed attempts."
To get the failure count, use.
sudo pam_tally2 --user=$USER
To reset the count to 0 and unlock your account
sudo pam_tally2 --user=$USER --reset
- Source 1: Three ways to lock and unlock user account in Linux
- Source 2: Use Pam_Tally2 to Lock and Unlock SSH Failed Login Attempts
Nate Houk
Updated on September 18, 2022Comments
-
Nate Houk over 1 year
I have a user account on Ubuntu 18.04 which appears to be locked and cannot be unlocked.
If I try to use sudo, then I receive an error "incorrect password". I know that I am typing in the correct password.
user@server:/root$ sudo touch test [sudo] password for user: Sorry, try again. [sudo] password for user:
If I switch to root and then try to login I receive an error that the account is locked due to too many failed password attempts.
+[root@server:~] 1 # login user Account locked due to 49 failed logins Password:
I have tried to unlock the account with the following two commands:
+[root@server:~] 130 # passwd -u user passwd: password expiry information changed. +[root@server:~] #
Here is the output of --status
+[root@server:~] 6 # passwd -S user user P 06/15/2020 0 99999 7 -1 +[root@server:~] #
I have also tried the following command to unlock:
+[root@server:~] # usermod -U user +[root@server:~] #
However I still receive the error when I use the login command:
+[root@server:~] # login user Account locked due to 50 failed logins Password: Login incorrect server login:
No matter how many times I try these unlock commands, I still am unable to use sudo or login with the login command.
It appears like my account is "locked" via another mechanism.
What am I doing wrong? How can I unlock this account?
-
0xC0000022L almost 4 yearsHi and welcome to SuperUser. Could you add some more information? For example whether you use some sort of directory service. What PAMs are involved and if (plus what) is visible from log files such as
auth.log
?!
-
-
Nate Houk almost 4 yearsThis worked! Why is this so hidden, why is this not documented anywhere I could find... how was I supposed to know this? Is this common?
-
Adrián almost 4 yearsHi, Nate. When something happens once with pam, then the solution is close for experience. There is a lot information about pam as [ man7.org/linux/man-pages/man8/pam_tally2.8.html ]. Regards.