ftp/sftp user account lockout threshold
Bill Tangren
bjt at usno.navy.mil
Thu Aug 9 12:56:28 UTC 2007
Johan Booysen wrote:
> I've finally gotten round to implementing the pam_tally module. It does
> seem to do the trick, but I've noticed that using the following line
> actually allows for 4 logon attempts:
>
> account required /lib/security/$ISA/pam_tally.so deny=3 no_magic_root
> reset
>
> Is that how it's supposed to work?
>
> Thanks!
>
> Johan
No. This means three failed login attempts, and you're locked out. You don't get
a fourth try. I just tested it.
More information about the redhat-list
mailing list