HPE Community
Operating System - HP-UX
1834058 Members
2302 Online
110063 Solutions
New Discussion

Re: SSH unsuccessful login attempts

 
Josee Pouliot_1
Occasional Advisor

‎01-26-2005 06:07 AM

‎01-26-2005 06:07 AM

SSH unsuccessful login attempts

I would like to know if there is a way that SSH locks a user account after 5 unsuccessful login attempts.

We have the A.03.71.000 version.

Thank you.
0 Kudos
Reply
10 REPLIES 10
Sanjay_6
Honored Contributor

‎01-26-2005 06:09 AM

‎01-26-2005 06:09 AM

Re: SSH unsuccessful login attempts

Hi Josee,

If the system is trusted and it is set to disable a user account after 5 unsuccessful attempts, it should lock the account after 5 unsuccessful login attempts using ssh.

Hope this helps.

Regds
0 Kudos
Reply
Rick Garland
Honored Contributor

‎01-26-2005 06:12 AM

‎01-26-2005 06:12 AM

Re: SSH unsuccessful login attempts

There is no mention in the sshd_config or the ssh_config files concerning this feature.

Trusted systems you can specify how many unsuccessful logins to lock an account
0 Kudos
Reply
Josee Pouliot_1
Occasional Advisor

‎01-26-2005 06:13 AM

‎01-26-2005 06:13 AM

Re: SSH unsuccessful login attempts

The system is Trusted. However, the account doesn't get lock after 5 unsuccessful login attempts via SSH...
0 Kudos
Reply
Rick Garland
Honored Contributor

‎01-26-2005 06:16 AM

‎01-26-2005 06:16 AM

Re: SSH unsuccessful login attempts

Does an account get locked after some number of unsuccessful attempts? Any number of unsuccessful attempts?

0 Kudos
Reply
Josee Pouliot_1
Occasional Advisor

‎01-26-2005 06:18 AM

‎01-26-2005 06:18 AM

Re: SSH unsuccessful login attempts

Let's say I'm already on a system and I try to get to another system. My account will get lock if I failed to login properly 5 times.

I am using PutTy, could this change anything?
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎01-26-2005 06:22 AM

‎01-26-2005 06:22 AM

Re: SSH unsuccessful login attempts

Hi,

What is the output of the command,

/usr/lbin/gerprdef -m umaxlntr

It this "5" or more.

Also check on the value of "umaxlntr" for the user using the gerprpw command.

Is this set to "-1". If so it means go by the default and the default should be the value you are getting from the 1st command.

Hope this helps.

Regds
0 Kudos
Reply
Josee Pouliot_1
Occasional Advisor

‎01-26-2005 06:31 AM

‎01-26-2005 06:31 AM

Re: SSH unsuccessful login attempts

cnisp007:root:/root >/usr/lbin/getprdef -m umaxlntr
umaxlntr=5
0 Kudos
Reply
Josee Pouliot_1
Occasional Advisor

‎01-26-2005 06:37 AM

‎01-26-2005 06:37 AM

Re: SSH unsuccessful login attempts

I just did more tests. It seems that the account gets lock but after 8 attempts...

Does it start to count at the first unsuccessful login?
0 Kudos
Reply
Josee Pouliot_1
Occasional Advisor

‎01-26-2005 07:14 AM

‎01-26-2005 07:14 AM

Re: SSH unsuccessful login attempts

Here is a good one: when I set umaxlntr at 2, the account gets deactivated after 5 unsuccessful attempts...
0 Kudos
Reply
Andrew Cowan
Honored Contributor

‎01-26-2005 07:06 PM

‎01-26-2005 07:06 PM

Re: SSH unsuccessful login attempts

Are you using "uselogin yes" in "/etc/ssh/sshd_config"? This is a security risks however it should fix this problem.

There are several versions of SSH that don't properly interface with the failed_login count. The main reasons are either that the version you have was compiled for an earlier version of HP-UX, or it is missing a patch.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.