I keep locking me out, instead of the bad guy.
I'm trying to setup under /etc/pam using both system-auth and password-auth so that the interval in seconds will be 15 minutes or greater for a failed login.
I'm adding the following to both /etc/pam.d/system-auth and /etc/pam.d/password-auth and still not working.
Code:
Add the following line immediately before the "pam_unix.so" statement in the "AUTH" section:
auth required pam_faillock.so preauth silent deny=3 unlock_time=604800 fail_interval=900
Add the following line immediately after the "pam_unix.so" statement in the "AUTH" section:
auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
Add the following line immediately before the "pam_unix.so" statement in the "ACCOUNT" section:
account required pam_faillock.so
PAM can't be this hard, however I keep locking out all of the accounts out. So I can't figure out where I'm going wrong.
If anyone can offer some tips on how to get comfortable with PAM, let me know.
thanks