Problem with showing failed login attempts using pam_lastlog.so
Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Problem with showing failed login attempts using pam_lastlog.so
Hello,
I have a computer with Fedora 14 installed. By default, it shows the last login when I login. However, I want it to also show any failed login attempts.
I've researched PAM on how to do this, and have implemented the solution provided by the man page (and confirmed by several web pages). The problem is, this solution causes the last login line to appear twice -- and with two different times!
When reading the man page, it mentions that some modules will show the last login by default (hence you dont need pam_lastlog if the only thing you want is to show the last login), but I want the last login AND the failed login attempts (with no repeating lines).
Thanks for the input. I applied those changes, but the problem still remains. The only difference is now the second last login line has the same time as the first.
BTW, I am testing changes like this in a console window on the actual machine so I can log in w/o going through GDM or SSH. I've tried using similar session lines in different parts of /etc/pam.d/login, but it makes no difference.
Some PAM module is printing out that last login w/o being asked to -- I just dont know which it is, or if I can even turn it off.
Thanks again for your input. In answer to question: Yes Fortunately, I've had to work on SSH before, so I am very familiar with the need to restart the service after any change.
I am curious about one thing -- what would SSH have to do with a normal login at the console? I mean, I know I'd have to change it there too, for remote secure logins. But right now I'd settle for getting the console login looking right. Can I ignore SSH for now? (Or is there some relationship between a normal login at the console and SSH?)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.