When attempting to log in to an Aria Operations node via SSH or the web console using root, the system returns a "Login incorrect" error without prompting for a password.
This issue prevents administrators from accessing the node for troubleshooting or configuration purposes.
Environment
Aria Operations 8.18.x
Cause
This issue is typically caused by corruption in the /etc/pam.d/system-auth file. Two common causes for this corruption are:
STIG Compliance Update Issue: During an upgrade, the STIG (Security Technical Implementation Guide) rules, which are designed to ensure system security, may have failed to update the system-auth file on the affected node. This usually happens when the STIG update cannot find or match certain patterns in the file, leading to the corruption.
Manual Modifications: The system-auth file may have been manually modified on the affected node, which could lead to incorrect configuration and the login issue.
Resolution
To resolve this issue, follow these steps:
1. Copy the Correct system-auth File:
Login to the affected node in grub mode.
Copy the contents of the /etc/pam.d/system-auth file from a functioning Aria Operations node to the affected node.
Ensure that the contents of the file are updated as follows: