LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 05-18-2009, 04:43 PM   #1
hv905c
LQ Newbie
 
Registered: Nov 2007
Posts: 4

Rep: Reputation: 0
lock user account after failed login attempts with FC 10


I am trying to figure out how to lock a user account after 3 failed attempts (incorrect passwords) with FC10. I have tried two methods.

I added the following lines two the default rules list that came with
FC 1- in /etc/pam.d/system-auth-ac

1:

auth required pam_tally.so deny=3
account required pam_tally.so

If I tail -f /var/log/secure

I see that is pam_tally(su:auth): user xxxx (501) tally 4 deny 3

However once I enter in the right password no matter how high the tally, I still log in successfully

why?


2:

auth required pam_tally2.so deny=3
account required pam_tally2.so

With this I actually get a brief message saying my account has been locked. However If I just enter in the correct password I login just fine.

why?


So basically I am looking for a config that is compatible with FC10 and will lock a user out after 3 failed login attempts.

Thanks for any help.

Jon Flechsenhaar
Network Services Layer
 
Old 05-18-2009, 08:44 PM   #2
jailbait
Guru
 
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Wheezy, Debian Jessie
Posts: 7,472

Rep: Reputation: 154Reputation: 154
Quote:
Originally Posted by hv905c View Post
I am trying to figure out how to lock a user account after 3 failed attempts (incorrect passwords) with FC10.
You can set LOGIN_RETRIES in /etc/login.defs. See:

man login.defs

http://www.linux.gr/cgi-bin/man/man2html?login.defs+5

----------------------
Steve Stites
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Configure Failed logins to lock accounts after 5 failed attempts mccartjd Linux - Newbie 5 05-05-2008 08:02 AM
Constant failed login attempts... seanferd Linux - Security 8 11-09-2006 08:42 AM
lock root account after 3 login attempts - RHEL AS 3 jrparker2005 Red Hat 1 05-17-2005 12:43 PM
lock password after failed attempts... manudath Linux - Security 2 04-28-2005 10:55 AM
Lock account after successive login attempts herrmag Linux - Newbie 1 02-03-2005 06:10 PM


All times are GMT -5. The time now is 11:08 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration