Following a fresh or existing VLR installation, the admin account is experiencing automatic repeated lockouts.
While the root user remains accessible and can be used to unlock the account via the VAMI, persistent login failures are being recorded.
These events are captured in /var/log/messages, indicating an external source is triggering the lockout policy.
The admin user of VMware Live Recovery is locked automatically, with the error "Cannot complete login due to an incorrect token, user name, or password."
messages.1:abc.xyz.com sshd[203971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=#.#.#.# user=admin
messages.1:abc.xyz.com sshd[203971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=#.#.#.# user=admin
messages.1:abc.xyz.com sshd[203971]: Failed password for admin from #.#.#.# port 54512 ssh2
messages.1:abc.xyz.com sshd[203971]: Disconnected from authenticating user admin #.#.#.# port 54512 [preauth]
messages.1:abc.xyz.com sshd[203971]: Failed password for admin from #.#.#.# port 54512 ssh2
messages.1:abc.xyz.com sshd[203971]: Disconnected from authenticating user admin #.#.#.# port 54512 [preauth]
messages.1:abc.xyz.com sshd[203991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=#.#.#.# user=admin
messages.1:abc.xyz.com sshd[203991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=#.#.#.# user=admin
VMware Live Recovery 9.X
The VMware Live Recovery admin account was locked due to failed SSH login attempts from an incorrectly configured vulnerability scanner.
The admin account does not automatically unlock after 15 minutes. Once the lockout is triggered, the account remains locked until it is unlocked.
Check the admin logs for the source IP address (listed in messages.log); if it is a security scanner, either add an exception or provide the correct credentials.
Use the faillock commands to unlock the account.
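One way to find the source IP behind the lockouts is to tally the sshd "Failed password" entries per remote address. This is an added example, not part of the original article or a VMware tool; the function names, host name and IP addresses in the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example: count failed SSH password attempts per source IP for one account.
# Usage: failed_ssh_sources USER LOGFILE...   (e.g. admin /var/log/messages)
failed_ssh_sources() {
    user="$1"; shift
    awk -v user="$user" '
        /sshd\[[0-9]+\]: Failed password for / {
            # Locate "for <user> from <ip>"; "invalid user ..." lines do not match.
            for (i = 1; i <= NF - 3; i++) {
                if ($i == "for" && $(i + 1) == user && $(i + 2) == "from") {
                    count[$(i + 3)]++
                    break
                }
            }
        }
        END { for (ip in count) print count[ip], ip }
    ' "$@" | sort -k1,1nr -k2,2
}

# Constructed sample log (documentation-range IPs, hypothetical host "vlr01").
write_sample_log() {
    cat > "$1" <<'EOF'
2025-01-10T08:00:01Z vlr01 sshd[1001]: Failed password for admin from 192.0.2.10 port 54512 ssh2
2025-01-10T08:00:03Z vlr01 sshd[1001]: Failed password for admin from 192.0.2.10 port 54512 ssh2
2025-01-10T08:00:05Z vlr01 sshd[1002]: Failed password for admin from 192.0.2.10 port 54600 ssh2
2025-01-10T08:05:00Z vlr01 sshd[1010]: Failed password for admin from 198.51.100.7 port 40022 ssh2
2025-01-10T08:06:00Z vlr01 sshd[1011]: Failed password for root from 198.51.100.7 port 40030 ssh2
2025-01-10T08:07:00Z vlr01 sshd[1012]: Accepted password for admin from 192.0.2.20 port 50000 ssh2
2025-01-10T08:08:00Z vlr01 sshd[1013]: Failed password for invalid user admin2 from 203.0.113.5 port 41000 ssh2
EOF
}

# Demo on the constructed sample; on the appliance, pass /var/log/messages instead.
sample=$(mktemp)
write_sample_log "$sample"
failed_ssh_sources admin "$sample"
rm -f "$sample"

# Once the offending source is fixed or excluded, the lockout is cleared as root
# with the pam faillock utility, for example: faillock --user admin --reset
```

The address with the highest count is the first candidate to compare against the known scanner hosts before adding an exception or correcting its credentials.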