question about pam_tally and the faillog
Bill Tangren
bjt at usno.navy.mil
Fri Mar 21 14:49:01 UTC 2008
>
> ----- Original Message -----
> From: "Bill Tangren" <bjt at usno.navy.mil>
> To: "General Red Hat Linux discussion list" <redhat-list at redhat.com>
> Sent: Thursday, March 20, 2008 4:17 AM
> Subject: Re: question about pam_tally and the faillog
>
>
>>
>>> I am running a number of RHEL ES 4.5 systems, fully updated.
>>>
>>> The problem I am having is baffling me. I am using pam_tally so that
>>> three
>>> consecutive unsuccessful logins will lock out the user, until an hourly
>>> cron script unlocks the account. It has worked fine for a number of
>>> years.
>>
>>
>> Anyone?
>>
>> I've noticed the same problem with other accounts. suing to root tallies
>> a
>> failed login, even though the su was successful.
>>
>>
> Are you talking about remote SSH logins?
>
> Are you using the UsePAM directive in your sshd_config file?
>
I am talking about suing to root or another user at the console. If you su
to any user successfully (except when root does it), it is recorded in the
faillog by pam_tally as a login failure.
--
Bill Tangren
U.S. Naval Observatory
Si hoc legere scis nimium eruditionis habes
More information about the redhat-list
mailing list