RedHat 9: Faillog doesn't record bad attempts?

dadembro at rockwellcollins.com dadembro at rockwellcollins.com
Fri Mar 4 13:09:05 UTC 2005


I use the lastb command to capture bad login attempts.  It needs the file
/var/btmp to work.

Hope that helps,
---d.dembrow



                                                                           
             "Alainna C.                                                   
             Wonders"                                                      
             <awonders at aharinc                                          To 
             .com>                     <pam-list at redhat.com>               
             Sent by:                                                   cc 
             pam-list-bounces@                                             
             redhat.com                                            Subject 
                                       RedHat 9: Faillog doesn't record    
                                       bad attempts?                       
             03/03/2005 04:12                                              
             PM                                                            
                                                                           
                                                                           
             Please respond to                                             
                 Pluggable                                                 
              Authentication                                               
                  Modules                                                  
             <pam-list at redhat.                                             
                   com>                                                    
                                                                           
                                                                           




Hi all,

I am having a problem with this computer not recording failed attempts on
login (su, ssh, console, or otherwise).  I've used these files previously
on
RH9 systems without issue, but I'll post the configs for sshd and
system-auth here anyhow.

Here's my rpm -qa |grep pam:
pam_smb-1.1.6-7
pam-devel-0.75-48
pam-0.75-48
pam_krb5-1.60-1

System-auth:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so
account     required      /lib/security/pam_tally.so deny=5 no_magic_root
reset


password    required      /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok
md5 shadow
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so

SSHD:
#%PAM-1.0
auth       required     pam_stack.so service=system-auth
auth       required     pam_nologin.so
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
session    required     pam_limits.so
session    optional     pam_console.so

Faillog is a valid file, it just doesn't record any bad attempts.

Thanks!

Alainna



_______________________________________________
Pam-list mailing list
Pam-list at redhat.com
https://www.redhat.com/mailman/listinfo/pam-list





More information about the Pam-list mailing list