Problem lockout on RH4 Update 5!!

nataris — Wed, 23 Sep 2009 16:47:38 GMT

Hi

I try to set lockout after retry 3 times at /etc/pam.d/system-auth.

----------example------

auth required /lib/security/pam_tally.so onerr=fail no_magic_root
account required /lib/security/pam_tally.so deny=3 no_magic_root reset
------------------------
after I set, I still can fail login for 7 times. I also touch /var/log/faillog.

Anyone please suggest me.

thanks

Re: Problem lockout on RH4 Update 5!!

Matti_Kurkela — Wed, 23 Sep 2009 17:16:18 GMT

Yes, you can fail 7 times. But can you succeed after the first 3 failures?

The lockout system is not going to prevent you from failing to login - in fact, it does just the opposite: after the first 3 failures, it guarantees that all other login attempts with this username will fail too, *even with the correct password*, until the lockout is reset.

Thus, the intruder can huff and puff all s/he wants, but s/he is not going to get in. It's better to not tell the intruder that the account has been locked: this way, the intruder may waste some time uselessly trying to access an account that has already been locked out.

MK

topic Re: Problem lockout on RH4 Update 5!! in Operating System - Linux

Problem lockout on RH4 Update 5!!

Re: Problem lockout on RH4 Update 5!!