[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_abl and sshd MaxAuthTries strangeness (was Re: pam_tally with sshd: ssh password-based failures not tally'd)



George Hansper wrote:

I'd like to set the MaxAuthTries for passwords as low as
possible (ie 1 only), since that this the only way to get
sensible results from failed-login counters such as
pam_tally and pam_abl.

You can just scale the trigger levels accordingly though. I'm running a pam_abl setup which only allows three failures an hour but as far as the user's concerned they get nine attempts to remember their password because sshd allows three retries per connect.


That's unless I'm missing something of course :)

--
Andy Armstrong, hexten.net


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]