Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 04-03-2012, 05:10 AM   #1
Senior Member
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350

Rep: Reputation: 127Reputation: 127
Want to use pam-config for sshd and some other

I am configuring password requirements, account lockouts etc using PAM.
I have gotten it all to work, only problem is I can't find a way to use pam-config for everything.
The files sshd, common-auth & common-account in /etc/pam.d/ I have to write manually. This means unlinking common-*, copy common-*-pc to common-* and then edit the common-* files.
Not a big issue, but it would be nicer if I could simply use pam-config.

I have searched a lot for info about pam-config, but can't find anything about how to add with required parameters.
"pam-config -a" gives "
invalid option -- --pam_tally2"

pam-config --add --sshd (also tried w pam_tally2) gives
pam-config: invalid option -- --sshd
Unknown module, ignored!

The configuration I need is:
auth required deny=5 onerr=fail unlock_time=1800

account required

auth  required deny=5 magic_root onerr=fail unlock_time=1800
account   required
What works fine with pam-config is:
pam-config -d --pwcheck
pam-config -a --cracklib
pam-config -a --cracklib-minlen=7
pam-config -a --cracklib-lcredit=-1
pam-config -a --cracklib-ucredit=-1
pam-config -a --cracklib-dcredit=-1
pam-config -a --pwhistory
pam-config -a --pwhistory-remember=5
Old 04-04-2012, 03:07 PM   #2
Senior Member
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217Reputation: 217Reputation: 217
Do these examples help ?
auth     required per_user
and here some more troubleshooting.
Old 04-05-2012, 02:53 PM   #3
Senior Member
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350

Original Poster
Rep: Reputation: 127Reputation: 127
Thanks, but no.
I do know what to write in the different pam.d/ files, I have my configuration completely in place.
What I want is to configure everything regarding PAM with the command "pam-config".


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem in using PAM-TACACS+ with sshd Bandlaraj Linux - Software 0 08-20-2009 08:32 AM
Starting sshd: /etc/init.d/sshd: line 113: /usr/sbin/sshd: Permission denied sumanc Linux - Server 5 03-28-2008 04:59 AM
pam.d/sshd config for passwd expiration ssy68 Linux - Newbie 3 03-26-2008 10:56 AM
pam or sshd ignoring max retries; 8 > 3 antieagles Linux - Security 0 09-29-2004 12:45 PM
PAM and sshd, major problems KneeLess *BSD 0 06-06-2004 02:00 PM

All times are GMT -5. The time now is 04:15 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration