Hi Darren,
I'm using OpenSSH version 4.6p1 ans solaris10.
I noticed that all the login failures are counted in /etc/shadow file.
In my sshd_config file the entry empty passwd is set
"PermitEmptyPasswords yes"
Every time when i try to ssh to the server other than root user
before entering passwd the count in /etc/shadow file is incremented by
one (as shown below) .
$ cat /etc/shadow | grep test
test:QKvRzcIw5ZLls:14267:7:56:42:::1
Due to this after first successful ssh login also i'm geting the
warning message as below ( here i have entered correct passwd in the
first attemppt but still i got the warning message)
$ssh -l test wcars1q7
password:
Warning: 1 failed login attempt since last successful login.
I believe the count is increamented even before entering the passwd
is due to the entry in sshd_config file is set "PermitEmptyPassword
yes". I disable the empty passwd entry ("PermitEmptyPasswords no") it
works fine as expected. But our server has to use
"PermitEmptyPasswords yes" for other users.
I wonder if there is any other way to avoid this issue other than
disabing emprty passwd entry in sshd_config file.
Thanks in advance,
Salini
