Fail Login Configuration

By omp on Monday, April 16, 2007

1. Open the /etc/pam.d/system-auth file for editing.
ensure that a backup done for the file which you are editing.

2. Add the following lines:

auth required pam_tally.so no_magic_root
account required pam_tally.so deny=2 no_magic_root

here the value of deny implies how many login attempts should faillog wait before locking the account for login.

3. Save the file and exit.
4. Test the configuration by attempting to login as a normal user, but using a wrong password.
5. Verify the failed count increments by running the command:

faillog -u
6. To disable faillog for one particular user faillog -m -1 -u username
,

comment 0 comments:

Post a Comment

Popular Posts

  • Unix Interview Questions???
    Linux admin interview questions How do you take a single line of input from the user in a shell script? Write a script to convert all DO...
  • Network Storage - II
    Network-Attached Storage 1. Introduction 2. What is a NAS Device? 3. What is a Filer? 4. Network-Attached Storage Versus Sto...
  • Converting delimited text to Excel
    Description Google Results Non-technical people need t...
  • Configure a Physical Interface After System Installation
    * Determine the IPv4 addresses that you want to use for the additional interfaces. * Ensure that the physical interface to be configured has...
  • Managing Disk Spaces with LVM in Linux.
    Bryce Harrington and Kees Cook have come together to write this informative article titled ' Managing Disk Space with LVM ' which ...
  • Lo
    for Expand words, and execute commands once for each member in the resultant list, with name bound to the current member. SYNTAX for...
  • (no title)
    Global Menu - Ubuntu Lucid Setting up global menu in lucid install the global menu package.
  • UNIX Questions and Answers
    UNIX Questions and Answers Most answers refer to Solaris 2.x systems Hardware Issues How can I configure new devices without rebooting? What...
  • Generate passwords with openssl
    write 6 random bits of base64-encoded data. This will produce an eight character string making a good unix (crypt based) password: $ openssl...
  • Blade server
    IBM HS20 blade server. Two bays for SCSI hard drives can be noticed in the upper left area of the image. Blade servers are self-contained co...

Linux Gazette