Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 05-18-2009, 05:43 PM   #1
LQ Newbie
Registered: Nov 2007
Posts: 4

Rep: Reputation: 0
lock user account after failed login attempts with FC 10

I am trying to figure out how to lock a user account after 3 failed attempts (incorrect passwords) with FC10. I have tried two methods.

I added the following lines two the default rules list that came with
FC 1- in /etc/pam.d/system-auth-ac


auth required deny=3
account required

If I tail -f /var/log/secure

I see that is pam_tally(su:auth): user xxxx (501) tally 4 deny 3

However once I enter in the right password no matter how high the tally, I still log in successfully



auth required deny=3
account required

With this I actually get a brief message saying my account has been locked. However If I just enter in the correct password I login just fine.


So basically I am looking for a config that is compatible with FC10 and will lock a user out after 3 failed login attempts.

Thanks for any help.

Jon Flechsenhaar
Network Services Layer
Old 05-18-2009, 09:44 PM   #2
LQ Guru
Registered: Feb 2003
Location: Blue Ridge Mountain
Distribution: Debian Wheezy, Debian Jessie
Posts: 7,670

Rep: Reputation: 229Reputation: 229Reputation: 229
Originally Posted by hv905c View Post
I am trying to figure out how to lock a user account after 3 failed attempts (incorrect passwords) with FC10.
You can set LOGIN_RETRIES in /etc/login.defs. See:

man login.defs

Steve Stites


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Configure Failed logins to lock accounts after 5 failed attempts mccartjd Linux - Newbie 5 05-05-2008 09:02 AM
Constant failed login attempts... seanferd Linux - Security 8 11-09-2006 09:42 AM
lock root account after 3 login attempts - RHEL AS 3 jrparker2005 Red Hat 1 05-17-2005 01:43 PM
lock password after failed attempts... manudath Linux - Security 2 04-28-2005 11:55 AM
Lock account after successive login attempts herrmag Linux - Newbie 1 02-03-2005 07:10 PM

All times are GMT -5. The time now is 12:00 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration