All Products
Search
Document Center

Logon to a Linux instance fails and the "login: Module is unknown" error is displayed.

Last Updated: Jun 08, 2021

Disclaimer: This article may contain information about third-party products. Such information is for reference only. Alibaba Cloud does not make any guarantee, express or implied, with respect to the performance and reliability of third-party products, as well as potential impacts of operations on the products.

 

Problem description

When you remotely log on to a Linux instance using the management terminal or instance account password, the logon fails, and the following error message is displayed in the secure log.

login: Module is unknown.
login: PAM unable to dlopen(/lib/security/pam_limits.so): /lib/security/pam_limits.so: cannot open shared object file: No such file or directory.

 

Cause

Each PAM-enabled application has a configuration file with the same name in the /etc/pam.d directory. For example, the configuration file of the login command is /etc/pam.d/login. You can configure a specific policy in the corresponding configuration file as follows:

File Features
/etc/pam.d/login Configuration file corresponding to the console (management Terminal)
/etc/pam.d/sshd Log on to the corresponding configuration file
/etc/pam.d/system-auth System global configuration file

 

During remote connection logon, some applications that are enabled with PAM fail to load modules, resulting in logon interaction failure when corresponding policies are configured. Here you can view the /etc/pam.d/sshd and /etc/pam.d/system-auth files. If an error occurs in the /etc/pam.d/login configuration file of the management terminal, submit a ticket to contact Alibaba Cloud technical support personnel.

 

Solution

Alibaba Cloud reminds you that:

  • Before you perform operations that may cause risks, such as modifying instance configurations or data, we recommend that you check the disaster recovery and fault tolerance capabilities of the instances to ensure data security.
  • If you modify the configurations and data of instances including but not limited to ECS and RDS instances, we recommend that you create snapshots or enable RDS log backup.
  • If you have authorized or submitted security information such as the logon account and password in the Alibaba Cloud Management console, we recommend that you modify such information in a timely manner.

 

Unable to log on through instance account password

  1. Log on to a Linux instance through the management terminal.
  2. Run the following command to view the PAM configuration file and check whether the following information is included in the configuration file.
    cat [$File_Name]
    Note:[$File_Name] is the absolute path of the corresponding PAM configuration file.
    The specific information is shown below.
    Cat
  3. Run the following command to confirm that the pam_limits.so module file does not exist, because in a 64-bit Linux instance, the correct path should be /lib64/security.
    ll /lib/security/pam_limits.so
  4. Run the following command to change the path of the pam_limits.so module to the correct path, and then save and exit:
    vi [$File_Name]
    The modified information is as follows.
    session    required     /lib64/security/pam_limits.so
  5. Log on to the Linux instance again and confirm that you can log on normally.

 

Unable to log on through the management Terminal

Open a ticket to contact Alibaba Cloud technical support personnel.

 

Documentation

For more information about why you cannot log on to Linux instances through SSH, see guidelines.

 

Application scope

  • ECS

 

If the problem persists, you can seek a free consultation in the Alibaba Cloud Community or submit a ticket to contact Alibaba Cloud technical support.