account lockout + timeout
Tomas Mraz
tmraz at redhat.com
Wed May 25 20:33:09 UTC 2005
On Wed, 2005-05-25 at 15:26 -0400, andysayshi wrote:
> Hello,
>
> Using pam_tally on an RH 7.2 (2.4.18-19.7.xsmp) server, i have updated
> system-auth to lock users account for those who attempted 6 or more
> consecutive unsuccessfull logins. This works. What I'd like to do now
> is have those accounts disabled for 30 minutes and be unlocked when
> the 30 minutes passes.
>
> So far I've been unsuccesfull in doing this, any
> suggestions/links/comments on how to do this is greatly appreciated.
Only pam_tally from pam >= 0.79 allows this and there is a bug in the
0.79 version pam_tally which makes it crash when used in the account
phase (however this is not necessary anymore).
--
Tomas Mraz <tmraz at redhat.com>
More information about the Pam-list
mailing list