pause on bad password
Darren Tucker
dtucker at zip.com.au
Fri Jun 18 04:22:35 UTC 2004
Will McDonald wrote:
> The default behavior of pam_unix_auth.so (on Linux) is to sleep for a couple
> of seconds if the user enters a bad password to prevent brute force attacks. I
> haven't been able to find anything on the web about this, but is there an
> option to turn this behavior off (or an equivalent module that doesn't do it)?
pam_unix.so has a no "nodelay" option, try that.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the Pam-list
mailing list