Problem with showing failed login attempts using pam_lastlog.so
Hello,
I have a computer with Fedora 14 installed. By default, it shows the last login when I login. However, I want it to also show any failed login attempts. I've researched PAM on how to do this, and have implemented the solution provided by the man page (and confirmed by several web pages). The problem is, this solution causes the last login line to appear twice -- and with two different times! When reading the man page, it mentions that some modules will show the last login by default (hence you dont need pam_lastlog if the only thing you want is to show the last login), but I want the last login AND the failed login attempts (with no repeating lines). Any help would be appreciated! |
I ran into the same problem a while back .. try this:
Code:
cat <<EOF >> /etc/ssh/sshd_config BTW .. you really should use a newer version of Fedora.. 14 is no longer supported |
Hello kbp,
Thanks for the input. I applied those changes, but the problem still remains. The only difference is now the second last login line has the same time as the first. BTW, I am testing changes like this in a console window on the actual machine so I can log in w/o going through GDM or SSH. I've tried using similar session lines in different parts of /etc/pam.d/login, but it makes no difference. Some PAM module is printing out that last login w/o being asked to -- I just dont know which it is, or if I can even turn it off. |
Did you restart sshd?
|
Quote:
Thanks again for your input. In answer to question: Yes :) Fortunately, I've had to work on SSH before, so I am very familiar with the need to restart the service after any change. I am curious about one thing -- what would SSH have to do with a normal login at the console? I mean, I know I'd have to change it there too, for remote secure logins. But right now I'd settle for getting the console login looking right. Can I ignore SSH for now? (Or is there some relationship between a normal login at the console and SSH?) |
No .. you're correct, there is no relationship between them, have you tried adding the pam_lastlog line to /etc/pam.d/system-auth ?
|
Code:
cat <<EOF >> /etc/pam.d/login Regards CJ |
All times are GMT -5. The time now is 06:28 PM. |