Security FAQ

I can’t log into my Telestra Target, Telestra Studio, or Voisus server platform. How can I reset my account?

Problem

When you try to log into your account via the system terminal, you receive an error message stating, “Login incorrect” or “Your account is locked. Maximum amount of failed attempts was reached.” You cannot access your Telestra Target, Telestra Studio, or Voisus server platform using that account.

Two events can cause these error messages:

  • Multiple failed login attempts: the system locks the account after three failed attempts.
  • Account inactivity: the system locks the account after 35 days of inactivity.
  • Your account will remain locked until you implement one of the three solutions described below.

    Default Login Credentials

    The Telestra and Voisus servers are set with the following default login credentials:

    Account Username Password
    Telestra Studio
    Account 1 aceuser aceuser
    Root root abcd1234
    Telestra Target
    Account 1 admin admin
    Account 2 hlauser HLA!now!
    Root root abcd1234
    Voisus server
    Account 1 astiadmin admin
    Root root abcd1234

    Solutions

    To reset a locked account, use one of the following three solutions:



    Solution 1: Log into the system with a different account.

    Important: Once you have installed ASTi Information Assurance (IA) scripts and tailored your security settings to DISA STIG standards, the system no longer allows you to log in directly as root. Instead, you must log in using a regular account and then elevate to root, as described below.

    Before exploring other solutions, first try logging into the system using another local account’s login credentials. From there, you can access the system as a superuser and reset the locked account’s password. If only one account exists, see Solution 2 or 3 below.

    To change the password using this method, follow these steps:

    1. Reboot the server by pressing the Reset button on the front of the chassis. Wait for the server to reboot.
    2. Log into the system using the alternate account’s login credentials.
    3. At the terminal prompt, type su and press Enter. Type the current root password, and press Enter again. The default password is abcd1234.
    4. To reset the account for failed login attempts, use one of the following command lines:
      1. For RHEL 5, type pam_tally2 --user=username --reset, where username represents the current account username. Press Enter.
      2. For RHEL 6, type faillock --user username --reset, where username represents the current account username. Press Enter.
    5. To reset the account activity/password lock status, type passwd -u username, where username represents the current account username. Press Enter.
    6. (Optional) To change your password, type passwd username, where username represents the account’s username. Press Enter. When the terminal prompts you for a new password, enter the desired new password value, and press Enter again.
    7. To activate your changes, type exit at the prompt, and press Enter. The system logs out of the root account.
    8. At the terminal prompt, log into the system using your new login credentials.


    Solution 2: Boot into single user mode via the GRUB menu.

    To boot into single user mode via the GRUB menu, follow these steps:

    1. Reboot the server by pressing the Reset button on the front of the chassis. Wait for the server to reboot.
    2. When the GRUB menu (i.e., the Red Hat splash screen) appears, press Enter to stop the automatic boot process.
    3. At the terminal prompt, type p, and press Enter. When the terminal prompts you for a password, enter the system’s current password, and press Enter again. The default password is abcd1234.
    4. To edit the account credentials, type e at the prompt, and press Enter.
    5. Three lines of text appear. Navigate to the second line using the Down Arrow key. Go to the end of the line, press the Spacebar, and type 1. Verify a space appears before the 1, and press Enter.
    6. To boot the system, type b at the terminal prompt. The server boots into single user mode.
    7. To log into the system as root, enter the current root password at the prompt, and press Enter. The default root password is abcd1234.
    8. To reset an account for failed login attempts, type one of the following command lines:
      1. For RHEL 5, type pam_tally2 -u username -r, where username represents the current account username. Press Enter.
      2. For RHEL 6, type faillock --user username --reset, where username represents the current account username. Press Enter.
    9. To reset the account activity/password lock status, type passwd -u username at the prompt, where username represents the current account username.
    10. (Optional) To change your password, type passwd username, where username represents the account’s username. Press Enter. When the terminal prompts you for a new password, input the desired new password value, and press Enter again.
    11. To activate your changes, type reboot at the prompt. Wait for the server to reboot.
    12. When the terminal prompts you for a password, log into the system using your new login credentials.

    Note: Upon reboot, the GRUB menu returns to its normal operation.



    Solution 3: Back up, cold start, and restore the system.

    If you are unfamiliar with Linux command lines or do not have root password information, you may be forced to back up your system and reinstall the Red Hat software. Cold starting your system requires you to reconfigure all of your network settings, so use this solution as a last resort. If you experience problems during the cold start, contact your system administrator or ASTi support.

    To back up, cold start, and restore your Telestra or Voisus server, see the ASTi ACE Target Cold Start Guide or the ASTi Voisus Cold Start Guide.