centos服务器登录时报多次登录失败

登录服务器显示多次登录失败

There were 9888 failed login attempts since the last successful login.

查看安全日志,并不是有人暴力破解服务器,

Mar 22 16:11:53 node1 sudo[394346]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:11:53 node1 sudo[394346]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:11:53 node1 sudo[394346]: pam_unix(sudo:session): session closed for user root
Mar 22 16:11:54 node1 sudo[394451]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:11:54 node1 sudo[394451]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:11:54 node1 sudo[394451]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:11:54 node1 sudo[394451]: pam_unix(sudo:session): session closed for user root
Mar 22 16:12:39 node1 su[396229]: pam_unix(su-l:session): session opened for user root by (uid=0)
Mar 22 16:12:55 node1 sudo[396887]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:12:55 node1 sudo[396887]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:12:55 node1 sudo[396887]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:12:55 node1 sudo[396887]: pam_unix(sudo:session): session closed for user root
Mar 22 16:12:55 node1 sudo[397036]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:12:55 node1 sudo[397036]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:12:55 node1 sudo[397036]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:12:55 node1 sudo[397036]: pam_unix(sudo:session): session closed for user root
Mar 22 16:13:56 node1 sudo[399353]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:13:56 node1 sudo[399353]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:13:56 node1 sudo[399353]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:13:56 node1 sudo[399353]: pam_unix(sudo:session): session closed for user root
Mar 22 16:13:56 node1 sudo[399459]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:13:56 node1 sudo[399459]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:13:56 node1 sudo[399459]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:13:56 node1 sudo[399459]: pam_unix(sudo:session): session closed for user root
Mar 22 16:14:57 node1 sudo[401916]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:14:57 node1 sudo[401916]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:14:57 node1 sudo[401916]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:14:57 node1 sudo[401916]: pam_unix(sudo:session): session closed for user root
Mar 22 16:14:58 node1 sudo[402111]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:14:58 node1 sudo[402111]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:14:58 node1 sudo[402111]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:14:58 node1 sudo[402111]: pam_unix(sudo:session): session closed for user root
Mar 22 16:16:00 node1 sudo[404447]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:16:00 node1 sudo[404447]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:16:00 node1 sudo[404447]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:16:00 node1 sudo[404447]: pam_unix(sudo:session): session closed for user root
Mar 22 16:16:00 node1 sudo[404602]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:16:00 node1 sudo[404602]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:16:00 node1 sudo[404602]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:16:00 node1 sudo[404602]: pam_unix(sudo:session): session closed for user root
Mar 22 16:16:01 node1 sudo[404765]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:16:01 node1 sudo[404765]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice
Mar 22 16:16:01 node1 sudo[404765]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 22 16:16:01 node1 sudo[404765]: pam_unix(sudo:session): session closed for user root
Mar 22 16:16:01 node1 sudo[404972]:    root : TTY=unknown ; PWD=/root ; USER=root ; COMMAND=/bin/true
Mar 22 16:16:01 node1 sudo[404972]: pam_systemd(sudo:session): Cannot create session: Already running in a session or user slice

经过查询得知是系统自身的问题
解决方式:

 systemd-run -t /bin/su -l

参考:https://github.com/systemd/systemd/issues/10822

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容