The error message “Permission denied” is reported when I log in using VNC or SSH key.
Using the VNC or SSH login will call
system-auth for authentication if this module is configured in the
/etc/pam.d/login configuration file. By default, the
system-auth module introduces the
pam_limits.so module. The default
system-auth configuration is as shown below:
pam_limits.so module is mainly used to limit the use of system resources during the user session. Its default configuration file
/etc/security/limits.conf specifies the maximum number of files, the maximum number of threads, the maximum memory and other resources that a user can use. See the table below for details.
||The maximum number of open file descriptors (soft limit)|
||The maximum number of open file descriptors (hard limit), which cannot be exceeded.|
||The maximum number of open file handles (struct file in the kernel) at the system level.|
||The maximum number of file descriptors (fd) assigned to a process|
The login failure may be caused by incorrect configurations of the maximum number of open file descriptors for the root account in the
/etc/security/limits.conf configuration file. The set value of
soft nofile should be no more than
hard nofile, and
hard nofile should be no more than
Perform the troubleshooting procedure to correct the relationship configurations of
hard nofile and
soft nofile ≤ hard nofile ≤ fs.nr_open.
In this example, their values are 3000001 and 3000002 respectively, as shown below.
In this example, its value is 1048576, as shown below.
sysctl -a 2>/dev/null | grep -Ei "file-max|nr_open"
/etc/security/limits.conffile to add or modify the following configurations at the end of the file.
root soft nofile: 100001
root hard nofile: 100002
/etc/sysctl.conffile to add or modify the following configurations at the end of the file.
This step is optional when the relationship
soft nofile ≤ hard nofile ≤ fs.nr_openis met. Perform this step to increase the system limit.