Find the answer to your Linux question:
Results 1 to 4 of 4
Hello Experts I have a question.... How do we restrict number of login attempts in Linux ??? Let me explain :-- In windows NT we have an option.If a user ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2003
    Posts
    1

    Number of login attempts in linux


    Hello Experts

    I have a question.... How do we restrict number of login attempts in Linux ???

    Let me explain :--

    In windows NT we have an option.If a user attempts 3 unsuccessful attempts then it gets locked.
    Likewise do we have anything in Linux ??

    Please let me know

    Thanks In Advance..

    Regards.

    Sunilk

  2. #2
    Linux Engineer
    Join Date
    Jan 2003
    Location
    Lebanon, pa
    Posts
    994
    Disable remote root logins and only have ssh auth against keys and not typical username/password. Then there is no need to set something up to lock accounts after failed logins since you need the key to login.

  3. #3
    Linux Enthusiast
    Join Date
    Jun 2002
    Location
    San Antonio
    Posts
    621
    you can set it though, in pam. I forget which module, but man pam.conf might help. Depending on the distribution it is either in /etc/pam.conf as "login auth blah blah blah" or /etc/pam.d/login as "auth blah blah blah"
    I respectfully decline the invitation to join your delusion.

  4. #4
    Just Joined!
    Join Date
    May 2010
    Posts
    1

    restrict login attempts

    go to --- /etc/pam.d/system-auth
    append auth required pam_tally.so onerr=fail deny=5 unlock_time=21600

    Where,
    (a)deny=5 - Deny access if tally for this user exceeds 5 times.

    (b) unlock_time=21600 - Allow access after 21600 seconds (6 hours) after failed attempt. If this option is used the user will be locked out for the specified amount of time after he exceeded his maximum allowed attempts. Otherwise the account is locked until the lock is removed by a manual intervention of the system administrator.

    (c) onerr=fail - If something weird happens (like unable to open the file), return with PAM_SUCESS if onerr=succeed is given, else with the corresponding PAM error code.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •