Number of login attempts in linux

[sunilk]

Hello Experts

I have a question.... How do we restrict number of login attempts in Linux ???

Let me explain :--

In windows NT we have an option.If a user attempts 3 unsuccessful attempts then it gets locked.
Likewise do we have anything in Linux ??

Please let me know

Thanks In Advance..

Regards.

Sunilk

[genlee]

Disable remote root logins and only have ssh auth against keys and not typical username/password. Then there is no need to set something up to lock accounts after failed logins since you need the key to login.

[wassy121]

you can set it though, in pam. I forget which module, but man pam.conf might help. Depending on the distribution it is either in /etc/pam.conf as "login auth blah blah blah" or /etc/pam.d/login as "auth blah blah blah"

[rkpamidi]

go to --- /etc/pam.d/system-auth
append auth required pam_tally.so onerr=fail deny=5 unlock_time=21600

Where,
(a)deny=5 - Deny access if tally for this user exceeds 5 times.

(b) unlock_time=21600 - Allow access after 21600 seconds (6 hours) after failed attempt. If this option is used the user will be locked out for the specified amount of time after he exceeded his maximum allowed attempts. Otherwise the account is locked until the lock is removed by a manual intervention of the system administrator.

(c) onerr=fail - If something weird happens (like unable to open the file), return with PAM_SUCESS if onerr=succeed is given, else with the corresponding PAM error code.