[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: a/c



system-auth-ac:
auth        required      pam_tally2.so deny=5 unlock_time=300

#if this isnt added things like sudo will always cause a failed login
attempt
account     required      pam_tally2.so deny=5 unlock_time=300


On Thu, May 19, 2011 at 3:53 PM, Greg Wojcieszczuk <greg unixos org> wrote:

> Hi,
> Have a look at pam_tally2. There is an option there (even_deny_root)
> which if NOT used will practically prevent root account fro being locked
> up.
>
> Read pam_tally2 (man) for more details.
>
> Kind regards,
> Greg Wojcieszczuk
>
>
>
> On 05/19/2011 07:38 PM, Adam Miller wrote:
> > On Thu, May 19, 2011 at 02:31:07PM -0400, Ben wrote:
> >> On Thu, 2011-05-19 at 23:26 +0530, Raj Har wrote:
> >>
> >>> Hello All,
> >>>               i want to disable user after 3 attempts for particular
> time
> >>> period.
> >>> i have done this with the help of PAM but in this situation root also
> >>> disabled for particular time period. i don`t wanna do this for root
> user.
> >>> i hope u will give me some suggestion.
> >>>
> >>> thanks
> >>
> >> Have a look at fail2ban.  Works for me.
> > You might also take a look at the iptables recent module:
> >
> > http://www.stearns.org/doc/adaptive-firewalls.current.html
> >
> > Other articles exist for it as well and I'm sure some google-fu will get
> > you there.
> >
> > -AdamM
> >
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request redhat com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]