LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   ssh failed login count - where is it? (https://www.linuxquestions.org/questions/linux-security-4/ssh-failed-login-count-where-is-it-115602/)

mbhenry 11-13-2003 10:54 AM
ssh failed login count - where is it?
 
I am on SLES 8. I created two pam entries in /etc/pam.d/login and /etc/pam.d/passwd. These entries are as follows:
auth required /lib/security/pam_tally.so onerr=fail no_magic_root
account required /lib/security/pam_tally.so deny=5 reset no_magic_root

I am trying to only allow 5 failed logins and then for the account to be locked. This works for certain ways of logging in but not for ssh. I can just keep failing on login attempts and trying again way past 5 attempts. The faillog command works to track failed logins from other methods of logging in but not ssh. How can I limit and track failed logins for users that log in with ssh?

Capt_Caveman 11-13-2003 11:35 AM
This might be a stupid question, but did you turn on PAM-based authentication in the sshd configuration file?


All times are GMT -5. The time now is 11:06 AM.