The title says it all. I have my unsuccessful login attempts set to three. I purposefully fail logging in 2x, then when I SSH into the box successfully the 3rd time my count drops back to zero; exactly what should happen. But at the console I get failed login attempts EVEN for my successful login attempts. I am using RHEL 5.6 and no I am not able to upgrade. Here is my system-auth file:

auth    required    pam_env.so
auth    required    pam_tally.so onerr=fail deny=3 per_user
auth    sufficient  pam_unix.so nullok try_first_pass
auth    requisite   pam_succeed_if.so uid >= 500 quiet
auth    required    pam_deny.so

account required    pam_unix.so
account required    pam_tally.so
account sufficient  pam_succeed_if.so uid < 500 quiet
account required    pam_permit.so

password requisite  pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password required   pam_deny.so

session  optional   pam_keyinit.co revoke
session  required   pam_limits.so
session  [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session  required   pam_unix.so

I have tried adding reset after and in place of per_user in the auth required pam_tally.so field. Nothing seems to work and I don't know why SSH is working just fine. Any ideas?