Is this a reasonable approach?
Andy Armstrong
andy at hexten.net
Sat Jan 1 21:32:12 UTC 2005
Hi folks and happy new year,
I'm writing a PAM module that will allow me to reject connections from
remote hosts that have been responsible a large number of failed login
attempts. I've pretty much got working code but I'm agonising over the
best way to log failed attempts.
I can get something working by flagging a request as potentially failed
during auth processing and then clearing that flag if we get as far as
session processing. I'd use pam_set_data() effectively for the side
effect of giving me a callback to the cleanup routine which is where I'd
actually record the success or failure of the login attempt (in a DBM
database).
I assume that'll work in which case it'll scratch my immediate itch but
I also assume that it's not the cleanest way to detect a failed auth
attempt. Can anyone recommend a nicer approach?
--
Andy Armstrong
More information about the Pam-list
mailing list