Unable to login to BMC with Failed SSH password and Block IP events
Applies to
- ONTAP 9
- BMC
Issue
- Unable to login to the BMC using the working cluster admin user:
Putty$ ssh admin@netapp-01-bmc
admin@netapp-01-bmc's password:
Permission denied, please try again.
- A temporary created user, with admin role and SSH plus service-processor applications permitions, is working fine.
- BMC logs indicate a failure, using the correct password:
Record 1: Mon Jan 01 01:02:03.456789 2024 [auth.notice]: Failed SSH password from 192.168.1.1
Record 2: Mon Jan 01 04:05:06.789012 2024 [auth.notice]: Block 192.168.1.1
- Login Attempt errors found in the audit logs. Example for http:
[kern_audit:info:1234] 1234a56789012b3c :: node_name: http :: 192.168.1.1:57984 :: node_name:admin :: Login Attempt :: Error: Error: Account currently locked. Contact the storage administrator to unlock it.
[kern_audit:info:1234] 1234a56789012b3c :: node_name: http :: 192.168.1.1:57984 :: node_name:admin :: Login Attempt :: Error: Authentication failed.
- The issue remains, applying the "
security login unlock" for the admin user
Vserver: SVM_name
Second
User/Group Authentication Acct Authentication
Name Application Method Role Name Locked Method
-------------- ----------- ------------- ---------------- ------ --------------
...
admin service-processor password admin no none
admin ssh password admin no none
- Since the admin user is inmediately locked again:
Vserver: SVM_name
Second
User/Group Authentication Acct Authentication
Name Application Method Role Name Locked Method
-------------- ----------- ------------- ---------------- ------ --------------
...
admin service-processor password admin no none
admin ssh password admin no none