pam_tally

Terry Orgill terry at stribus.com
Thu Sep 23 20:45:30 UTC 2004


I'm trying to use pam_tally to lock a user out after three unsuccessful attempts.  I can't get it to work.  My login file in /etc/pam.d is as follows:

auth    required    /lib/security/pam_securetty.so
auth    required    /lib/security/pam_nologin.so
auth    required    /lib/security/pam_tally.so deny=3 reset
auth    required    /lib/security/pam_stack.so service=system-auth
account    required    /lib/security/pam_tally.so deny=3 reset
account    required    /lib/security/pam_stack.so service=-system-auth
password    required     /lib/security/pam_tally.so deny=3 reset
password    required    /lib/security/pam_stack.so service=system-auth
session    required    /lib/security/pam_stack.so service=system-auth
session    required    /lib/security/pam_console.so

Is pam_pwdb the module to keep passwords from being reused?  How would I set that up?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20040923/87b2cac4/attachment.htm>


More information about the Pam-list mailing list