|
45 Minute lockout configuration
Does anyone know if it is possible to configure things using pam.d/login.defs/etc so that:
If a user fails to login after 5 attempts, the account is locked for 45 minutes. Is this somehow possible? Or should I forget about trying for this type of functionality. -- Tony |
that's seems pretty straight forward just read the login.defs manpage:
/etc/login.defs Code:
LOGIN_RETRIES 5 |
Double-posting is against the rules. If you aren't satisfied with the response to your thread, wait at least 24 hours then bump that thread. Re-posting the question breaks up the discussion and makes the search function in the forum less effective.
Enjoy! --- Cerbere |
Thanks acid_kewpie, et al:
I've entered the configuration and gave it a try with a testing user. I've tried to login 7 times in a row, giving a bad password each time - but on the 8th time I can still login without delay or a warning. Would pam.d somehow interfer with this functionality? I have pam_tally.so to disable an account after 10 failed attemps. -- Tony PS ... I'll try to watch double posting ;-) |
Did you reboot before testing ?
Many configuration changes only take effect if a module is stopped and restarted, the configuration being read when it starts then held in memory. |
| All times are GMT -5. The time now is 06:32 PM. |