28 Apr 17 Handle with care: TCP wrappers /etc/hosts.allow
Real life story.
DMZ based server dedicated to SFTP was configured with sshd rules in /etc/hosts.allow
sshd : ALL@16.89.97.*:ALLOW
sshd : ALL@14.251.*:ALLOW
sshd : AAL@208.94.61.*:ALLOW
Should have been:
sshd : ALL@16.89.97.*:ALLOW
sshd : ALL@14.251.*:ALLOW
sshd : ALL@208.94.61.*:ALLOW
That network was the firewall to the outside world.
The end users were inconvenienced and the firewall team wasted a lot of time reviewing rues and looking at logs.
24 Jan 14 How to reset auth retry count on hp-ux 11.31
I really published this as a self reference document so I can find it next time this happens and I forget how to fix it.
root logins fail enough time to lock the root password. You power cycle the box and boot single user mode to fix the problem.
userdbset -d -u root auth_failures
