"Locking accounts with PAM" DO NOT WORKING HERE

[lse123new]

YOU HAVE ANY IDEA WHY PAM "Locking accounts with PAM" DO NOT WORKING HERE??? first block from terminal 1 second from terminal 2 (set in terminal-1, tried login in terminal-2),... after more than 3 tries Not shown logged account... well?
basically using host MBP 2016 15" - guest Cent OS 7.4 - Hypervisor Vmware Fusion - ssh client : VS Code Terminal from my Mac.. in bash mode

terminal 1

[root@exam ~]# cat /etc/pam.d/system-auth-local
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_tally2.so deny=3
auth required pam_env.so
auth required pam_faildelay.so delay=2000000
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
auth required pam_deny.so


account required pam_tally2.so
account required pam_time.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account required pam_permit.so

# password required pam_cracklib.so minlen=6 dcredit=-2 ucredit=-2 lcredit=-2
password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
[root@exam ~]# ls -l !$
ls -l /etc/pam.d/system-auth-local
-rw-r--r--. 1 root root 1234 May 12 13:14 /etc/pam.d/system-auth-local
[root@exam ~]# ls -l /etc/pam.d/system-auth
lrwxrwxrwx. 1 root root 17 May 7 11:02 /etc/pam.d/system-auth -> system-auth-local
[root@exam ~]#


terminal 2

[tux@exam ~]$ ssh bob@192.168.9.137
The authenticity of host '192.168.9.137 (192.168.9.137)' can't be established.
ECDSA key fingerprint is SHA256:q6yKPqGdg92Vz7JzJ1d/kChCKv1m1UaaXp9sL+wAM/E.
ECDSA key fingerprint is MD5:b4:d9:59:16:76:8d:f7:be:9f:ee:c8:62:2b:68:f6:00.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.9.137' (ECDSA) to the list of known hosts.
bob@192.168.9.137's password:
Permission denied, please try again.
bob@192.168.9.137's password:
Permission denied, please try again.
bob@192.168.9.137's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[tux@exam ~]$ ssh bob@192.168.9.137
bob@192.168.9.137's password:
Permission denied, please try again.
bob@192.168.9.137's password:
Your account has expired; please contact your system administrator
Authentication failed.
[tux@exam ~]$ ssh bob2@192.168.9.137
bob2@192.168.9.137's password:
Permission denied, please try again.
bob2@192.168.9.137's password:
Permission denied, please try again.
bob2@192.168.9.137's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[tux@exam ~]$ ssh bob2@192.168.9.137
bob2@192.168.9.137's password:
Last failed login: Sat May 12 13:16:38 EEST 2018 from 192.168.9.137 on ssh:notty
There were 3 failed login attempts since the last successful login.
[bob2@exam ~]$ ssh tux@localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:q6yKPqGdg92Vz7JzJ1d/kChCKv1m1UaaXp9sL+wAM/E.
ECDSA key fingerprint is MD5:b4:d9:59:16:76:8d:f7:be:9f:ee:c8:62:2b:68:f6:00.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[bob2@exam ~]$ ssh tux@localhost
tux@localhost's password:
Last failed login: Sat May 12 13:20:42 EEST 2018 from ::1 on ssh:notty
There were 2 failed login attempts since the last successful login.
Last login: Sat May 12 13:11:44 2018 from 192.168.9.1
[tux@exam ~]$ exit
logout
Connection to localhost closed.
[bob2@exam ~]$ ssh tux@localhost
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[bob2@exam ~]$ ssh tux@localhost
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[bob2@exam ~]$ ssh tux@localhost
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[bob2@exam ~]$ ssh tux@localhost
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied, please try again.
tux@localhost's password:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
[bob2@exam ~]$ ssh tux@localhost
tux@localhost's password:
Last failed login: Sat May 12 13:22:04 EEST 2018 from ::1 on ssh:notty
There were 8 failed login attempts since the last successful login.
Last login: Sat May 12 13:20:52 2018 from ::1
[tux@exam ~]$

[Chirpychirps77]

Hi,

Could be wrong, but I thought it switched to faillock, and pam_tally2 was a no go for 7.X