Bug in pam_tally on Red Hat Enterprise Linux Server release 5.1 (Tikanga). PAM version is: pam-0.99.6.2-3.26.el5 case 1: following lines works for RHEL-3 & RHEL-4 version with pam-0.77-66.23 version without any problems but not working for RHEL-5 auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root account required /lib/security/$ISA/pam_tally.so per_user deny=3 no_magic_root reset - faillog counter just updates number of failed password attempts - never locks the user account, - never clears the faillog counter after successful login attempt error messages found on /var/log/secure on RHEL-5 pam_tally(sshd:account): option per_user allowed in auth phase only pam_tally(sshd:account): option deny=3 allowed in auth phase only pam_tally(sshd:account): unknown option: no_magic_root pam_tally(sshd:account): unknown option: reset sshd[13368]: PAM service(sshd) ignoring max retries; 6 > 3 faillog -a user4 user4 6 0 07/14/08 15:09:30 -0400 Case 2: After modifying system-auth file with respect to the above error messages auth required pam_tally.so onerr=fail per_user deny=3 account required pam_tally.so - faillog counter not updating counter for wrong password attempts - nerver locks the user account for wrong passwords Case 3: auth required pam_tally.so onerr=fail per_user deny=3 no_magic_root account required pam_tally.so no_magic_root error messages found on /var/log/secure on RHEL-5 pam_tally(sshd:auth): unknown option: no_magic_root - faillog counter updates for wrong password attempts - nerver locks the user account for wrong passwords - never clears the faillog counter after successful login attempt I do not want to update PAM version on RHEL-5 Appreciate if i get reply with bug fix solution. -- Regards, Vasudeva R