1,剛初始化後的LINUX主機,新建用戶後登陸報Connection closed
hadoop@cnsz0804's password:
Connection closed by 10.12.25.114
2,檢查/var/log/secure發現如下報錯
Feb 17 16:36:26 cnsz0804 sshd[15800]: Connection closed by 10.12.24.18
Feb 17 16:39:48 cnsz0804 sshd[16093]: Connection closed by 10.12.24.18
Feb 17 17:18:51 cnsz0804 sshd[19952]: pam_access(sshd:account): access denied for user `hadoop' from `10.12.25.113'
Feb 17 17:18:51 cnsz0804 sshd[19952]: Failed password for hadoop from 10.33.25.113 port 63686 ssh2
Feb 17 17:18:51 cnsz0804 sshd[19953]: fatal: Access denied for user hadoop by PAM account configuration
Feb 17 17:20:16 cnsz0804 sshd[20107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.12.25.113 user=chkusr
3,檢查發現/etc/security/access.conf文件尾有如下配置
# All other users should be denied to get access from all sources.
#- : ALL : ALL
+:ALL:bond0... localhost
+:ALL:10.11.77.
+:ALL:10.11.100.
+:ALL:10.11.108.
+:ALL:10.11.111.
+:ALL:10.31.177.
+:ALL:10.37.100.
+:ALL:10.57.0.
-:ALL EXCEPT usr03 usr01 deploy log :ALL
-:chkusr iaopr serviceop deployop logop: 10.13. 10.42. 10.43. 10.50
去掉如上配置後可以正常登陸
4,修改替換
sed -i '123,$s/^/#/' /etc/security/access.conf
sed -n '123,$p' /etc/security/access.conf