LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-28-2004, 01:09 PM   #1
tonyfreeman
Member
 
Registered: Sep 2003
Location: Fort worth, TX
Distribution: Debian testing 64bit at home, EL5 32/64bit at work.
Posts: 196

Rep: Reputation: 30
45 Minute lockout configuration


Does anyone know if it is possible to configure things using pam.d/login.defs/etc so that:

If a user fails to login after 5 attempts, the account is locked for 45 minutes.

Is this somehow possible? Or should I forget about trying for this type of functionality.

-- Tony
 
Old 10-28-2004, 02:18 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
that's seems pretty straight forward just read the login.defs manpage:

/etc/login.defs
Code:
LOGIN_RETRIES        5
FAIL_DELAY              2700
isn't that what you want?
 
Old 10-29-2004, 05:48 AM   #3
Cerbere
Member
 
Registered: Dec 2002
Location: California
Distribution: Slackware & LFS
Posts: 799

Rep: Reputation: 33
Double-posting is against the rules. If you aren't satisfied with the response to your thread, wait at least 24 hours then bump that thread. Re-posting the question breaks up the discussion and makes the search function in the forum less effective.

Enjoy!
--- Cerbere
 
Old 10-29-2004, 03:29 PM   #4
tonyfreeman
Member
 
Registered: Sep 2003
Location: Fort worth, TX
Distribution: Debian testing 64bit at home, EL5 32/64bit at work.
Posts: 196

Original Poster
Rep: Reputation: 30
Thanks acid_kewpie, et al:

I've entered the configuration and gave it a try with a testing user. I've tried to login 7 times in a row, giving a bad password each time - but on the 8th time I can still login without delay or a warning.

Would pam.d somehow interfer with this functionality? I have pam_tally.so to disable an account after 10 failed attemps.

-- Tony

PS ... I'll try to watch double posting ;-)
 
Old 10-31-2004, 01:29 AM   #5
m_shroom
Member
 
Registered: Oct 2004
Location: Queen Charlotte B. C. Canada
Distribution: openSUSE 11.1
Posts: 42

Rep: Reputation: 15
Did you reboot before testing ?
Many configuration changes only take effect if a module is stopped and restarted, the configuration being read when it starts then held in memory.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Logging account lockout sbrewer Linux - Security 1 10-22-2005 04:48 PM
Login Lockout John Manion Linux - Newbie 1 11-16-2003 01:53 AM
Lockout Problem! sanju2k Linux - General 1 12-01-2002 09:33 AM
sandbox lockout... jwhiz Linux - Newbie 2 10-02-2002 05:04 PM
Bios Lockout Bypass Stephanie Linux - General 5 07-08-2002 05:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration