Hi all,
I have a rather persistant annoyance. My HA is locking out my OMV.
When I log into my OMV I get this:
I go to OMV ssh and reset the admin failed login:
And the authog says this:
Mar 27 00:00:46 SARIOMV omv-engined[27706]: pam_tally2(openmediavault:auth): conversation failed
Mar 27 00:00:46 SARIOMV omv-engined[27706]: User ‘admin’ has been banned after 18223 failed login attempts.
Mar 27 00:00:46 SARIOMV omv-engined[27706]: pam_unix(openmediavault:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=admin
Mar 27 00:00:48 SARIOMV openmediavault-webgui[27700]: Unauthorized login attempt from ::ffff:192.168.X.X [username=admin, user-agent=python-requests/2.27.1]
Mar 27 00:01:01 SARIOMV CRON[27707]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 27 00:01:01 SARIOMV CRON[27707]: pam_unix(cron:session): session closed for user root
Mar 27 00:01:46 SARIOMV omv-engined[27735]: pam_tally2(openmediavault:auth): conversation failed
Mar 27 00:01:46 SARIOMV omv-engined[27735]: User ‘admin’ has been banned after 18224 failed login attempts.
Mar 27 00:01:46 SARIOMV omv-engined[27735]: pam_unix(openmediavault:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=admin
Mar 27 00:01:48 SARIOMV openmediavault-webgui[27731]: Unauthorized login attempt from ::ffff:192.168.X.X [username=admin, user-agent=python-requests/2.27.1]
Mar 27 00:02:01 SARIOMV CRON[27737]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 27 00:02:02 SARIOMV CRON[27737]: pam_unix(cron:session): session closed for user root
The IP address (that I have masked here with X.X) is my HA server
I have deleted the HACs install and reisnstalled with the correct password but immediately the lockout starts again.
I need to find the rogue password - anyone know where I might be able to find it?
Thanks