Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 05-18-2009, 04:43 PM   #1
LQ Newbie
Registered: Nov 2007
Posts: 4

Rep: Reputation: 0
lock user account after failed login attempts with FC 10

I am trying to figure out how to lock a user account after 3 failed attempts (incorrect passwords) with FC10. I have tried two methods.

I added the following lines two the default rules list that came with
FC 1- in /etc/pam.d/system-auth-ac


auth required deny=3
account required

If I tail -f /var/log/secure

I see that is pam_tally(su:auth): user xxxx (501) tally 4 deny 3

However once I enter in the right password no matter how high the tally, I still log in successfully



auth required deny=3
account required

With this I actually get a brief message saying my account has been locked. However If I just enter in the correct password I login just fine.


So basically I am looking for a config that is compatible with FC10 and will lock a user out after 3 failed login attempts.

Thanks for any help.

Jon Flechsenhaar
Network Services Layer
Old 05-18-2009, 08:44 PM   #2
LQ Guru
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Jessie, Linux Mint 17
Posts: 7,734

Rep: Reputation: 262Reputation: 262Reputation: 262
Originally Posted by hv905c View Post
I am trying to figure out how to lock a user account after 3 failed attempts (incorrect passwords) with FC10.
You can set LOGIN_RETRIES in /etc/login.defs. See:

man login.defs

Steve Stites


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Configure Failed logins to lock accounts after 5 failed attempts mccartjd Linux - Newbie 5 05-05-2008 08:02 AM
Constant failed login attempts... seanferd Linux - Security 8 11-09-2006 08:42 AM
lock root account after 3 login attempts - RHEL AS 3 jrparker2005 Red Hat 1 05-17-2005 12:43 PM
lock password after failed attempts... manudath Linux - Security 2 04-28-2005 10:55 AM
Lock account after successive login attempts herrmag Linux - Newbie 1 02-03-2005 06:10 PM

All times are GMT -5. The time now is 03:38 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration