- Package:
- openssh-server
- Source:
- openssh-server
- Description:
- secure shell (SSH) server, for secure access from remote machines
- Submitter:
- Francesco Potortì
- Date:
- 2026-06-28 07:43:02 UTC
- Severity:
- normal
- Tags:
From time to time I see these two line in the auth.log: pam_lastlog2(sshd:session): Failed to execute statement: database is locked pam_lastlog2(sshd:session): SQL error: database is locked These are part of a legitimate user's auth sequence which fails. The user name is USER sshd-session[1701679]: Accepted publickey for USER from 109.234.58.120 port 64709 ssh2: RSA SHA256:qVocyzOxy2cJBE0tcTZ3vxqJWmbjG7oNN5fOBX+Wp7M sshd-session[1701679]: pam_unix(sshd:session): session opened for user USER(uid=1000) by USER(uid=0) systemd-logind[1752]: New session '410904' of user 'USER' with class 'user' and type 'tty'. sshd-session[1701691]: Accepted publickey for USER from 109.234.58.120 port 60272 ssh2: RSA SHA256:qVocyzOxy2cJBE0tcTZ3vxqJWmbjG7oNN5fOBX+Wp7M sshd-session[1701691]: pam_unix(sshd:session): session opened for user USER(uid=1000) by USER(uid=0) systemd-logind[1752]: New session '410905' of user 'USER' with class 'user' and type 'tty'. sshd-session[1701691]: pam_lastlog2(sshd:session): Failed to execute statement: database is locked sshd-session[1701691]: pam_lastlog2(sshd:session): SQL error: database is locked sshd-session[1701703]: Received disconnect from 109.234.58.120 port 60272:11: disconnected by user sshd-session[1701703]: Disconnected from user USER 109.234.58.120 port 60272 sshd-session[1701691]: pam_unix(sshd:session): session closed for user USER systemd-logind[1752]: Session 410905 logged out. Waiting for processes to exit. systemd-logind[1752]: Removed session 410905.
Control: reassign -1 libpam-lastlog2 At first glance this looks as though it's most likely to be a bug in pam_lastlog2, so I'm reassigning this bug there; sshd doesn't really have any control over how pam_lastlog2 locks its database. I'd be prepared to believe this is an OpenSSH bug if somebody can show that OpenSSH is misusing the PAM API somehow. Thanks,