[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_tally only for root



On Mon, Jan 24, Asif Iqbal wrote:

> Hi All
> 
> I am planning to use pam_tally for console login to the server. Now I
> like use it only for root account and no other user. In other words only
> for root account allow 3 try and then lock it out until someone manually
> reset it. We have system admin users who have full sudo access to do
> that. User's do not need to be tallied becasue they all use SecurID for
> authentication which has been setup to lock account after 3 fail tries.
> 
> Is that possible or should I look for a different solution?

It should be possible, if you use the per_user setting and aonly
set a limit with faillog -m.

  Thorsten

-- 
Thorsten Kukuk         http://www.suse.de/~kukuk/      kukuk suse de
SuSE Linux Products GmbH       Maxfeldstr. 5       D-90409 Nuernberg
--------------------------------------------------------------------    
Key fingerprint = A368 676B 5E1B 3E46 CFCE  2D97 F8FD 4E23 56C6 FB4B


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]