LinuxQuestions.org


Corrado 07-10-2012 11:45 PM

Login lockout for RHEL 6
 
The distro is RHEL 6.

I have read about many different ways to lock out a user after so many failed attempts.

Has anyone got it working in RHEL 6 and how did you do it?

Chris

PrinceCruise 07-11-2012 01:17 AM

As far as my experience of using PAM with Redhat Linux, you gotta work on /etc/pam.d/system-auth.
For your reference - http://magazine.redhat.com/2007/01/2...ogin-attempts/

Regards.

access2nitan 07-11-2012 01:33 AM

Don't go the long way. Just go to secure mode and change your user password, simple...

Corrado 07-11-2012 01:35 AM

That does not work with RHEL 6. Anyone have anything for RHEL 6?

PrinceCruise 07-11-2012 02:10 AM

I'm sorry, posted in a hurry. What's the related error message in /var/log/secure?
I'm not on my RHEL 6 box but afaik it makes use of pam_tally2, not pam_tally. That may be a thing to consider.

Regards.

chrism01 07-11-2012 10:17 PM

See top post here https://www.redhat.com/archives/redh.../msg00117.html

sharadchhetri 07-17-2012 05:59 PM

Quote:

Originally Posted by chrism01 (Post 4725613)

Quote:

vi /etc/pam.d/system-auth

auth required pam_tally.so no_magic_root

account required pam_tally.so deny=3 no_magic_root lock_time=180
After this, create the faillog file in /var/log

Quote:

touch /var/log/faillog
Note: Do not copy and paste it as it is into system-auth. In other words, in the auth section paste auth required pam_tally.so no_magic_root and in the account section paste account required pam_tally.so deny=3 no_magic_root lock_time=180

Do not forget to create the faillog file in /var/log

sharadchhetri 07-17-2012 06:42 PM

for RHEL 6
 
Quote:

Originally Posted by sharadchhetri (Post 4731024)
After this, create the faillog file in /var/log

Note: Do not copy and paste it as it is into system-auth. In other words, in the auth section paste auth required pam_tally.so no_magic_root and in the account section paste account required pam_tally.so deny=3 no_magic_root lock_time=180

Do not forget to create the faillog file in /var/log


Ohh sorry buddy, the above one will work in Redhat 5.

For Redhat 6
use pam_tally2.

This is what I tested, and below is my system-auth file.

Quote:

# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth required pam_tally2.so deny=3 onerr=fail unlock_time=900
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so

account required pam_unix.so
account sufficient pam_localuser.so
account required pam_tally2.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3 type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so

To check faillog

Quote:

pam_tally2 -u username

To reset or clear faillog of user
Quote:

pam_tally2 -u username --reset

lakhera2010 10-19-2012 02:54 AM

It's not working in RHEL6. Did anyone test it in RHEL6?

lakhera2010 10-19-2012 03:38 AM

Did some research and found out that in RHEL 6 the file name is changed. So in case of RHEL6 you need to use password-auth instead of system-auth.

[root@vm152 pam.d]# cat sshd
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth

Thanks
Prashant
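
A small linter for the two questions this thread keeps returning to (where pam_tally2.so sits in the stack, and which shared file a service actually includes), added here as an example and not code from any poster. It flags a pam_tally2.so line that follows a `sufficient` module, because a `sufficient` module that succeeds returns from the stack at once and the lines after it are not run. The function names and the REORDERED sample are assumptions; POSTED and SSHD copy lines posted above.

```python
import re
RULE = re.compile(r"^-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def parse_pam(text):
    """Parse pam.d file text into (type, control, module, args) tuples."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drops comments and the #%PAM-1.0 header
        m = RULE.match(line)
        if m:
            rules.append(m.groups())
    return rules

def included_stacks(text):
    """Files pulled in with 'include' or 'substack', e.g. password-auth for sshd."""
    return {mod for _, ctl, mod, _ in parse_pam(text) if ctl in ("include", "substack")}

def tally_findings(text):
    """Report auth/account stacks where pam_tally2.so is absent or placed after
    a 'sufficient' module, so a successful login never reaches it."""
    findings = []
    for stack in ("auth", "account"):
        earlier, found = None, False
        for typ, ctl, mod, _ in parse_pam(text):
            if typ != stack:
                continue
            if mod == "pam_tally2.so":
                found = True
                if earlier:
                    findings.append(f"{stack}: pam_tally2.so is after sufficient {earlier}")
            elif ctl == "sufficient" and earlier is None:
                earlier = mod
        if not found:
            findings.append(f"{stack}: pam_tally2.so not present")
    return findings

# auth and account lines of the system-auth file posted in this thread
POSTED = """auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth required pam_tally2.so deny=3 onerr=fail unlock_time=900
account required pam_unix.so
account sufficient pam_localuser.so
account required pam_tally2.so
"""
# Constructed sample: same lines with pam_tally2.so moved ahead of each 'sufficient' line
REORDERED = "\n".join(POSTED.splitlines()[i] for i in (0, 2, 1, 3, 5, 4))
SSHD = "#%PAM-1.0\nauth required pam_sepermit.so\nauth include password-auth\n"

if __name__ == "__main__": print(tally_findings(POSTED), tally_findings(REORDERED), included_stacks(SSHD))
```

Run it over both system-auth and password-auth, since the sshd file shown above includes password-auth.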

