Login or Register to Ask a Question and Join Our Community


Cybersecurity

openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts
# 1  
Old 02-03-2011
openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts
Hi all,

I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4

when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock out however they do for telnet.

My understanding of this is that ssh using different subsystems than the login / authentication mechanisms therefore I should not expect ssh to lockout the account.

I have been tasks with finding a solution and have been researchign PAM and the pam_tally module however I cannot find a pam_tall.so module that has been ported for the version of SCO or can I see it in /usr/lib/security/pam_*

Please can someone advise if they have had similar experiences or can suggest a solution or provide the pam_tally source code / ported version of pam_tally for SCO unixware ....

any help would be greatly appreciated

Thanks

chlawren.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

SSH with a nologin account

Is it possible to SSH with an account that has its shell set to /sbin/nologin? The reason I ask is because I am running an instance of nagios where I need to use SSH keys to run a check, but I am getting connect errors in Nagios. Also, what is the risk I run into if I just simply change my... (2 Replies)
Discussion started by: streetfighter2
2 Replies

2. Red Hat

SSH lock users to the Home Directory

Hi friends, I must to give ssh connection to own customer. So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user. I am waitting your kindly helps :D ---------- Post... (10 Replies)
Discussion started by: getrue
10 Replies

3. SCO

open ssh on unixware 7.1.4

Hi all, I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4 when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Discussion started by: chlawren
0 Replies

4. SuSE

How to lock the account after consecutive unsuccessful login in SUSE

Hi , Can anyone give ur answer for How to lock the account after consecutive unsuccessful login in SUSE Enterprise 10.2 Linux (1 Reply)
Discussion started by: karthik04
1 Replies

5. Solaris

How to lock the account after consecutive unsuccessful login

Dears, I want to lock the user's account after consecutive unsuccessful login attempts, how can I do this ? (1 Reply)
Discussion started by: mlsun
1 Replies

6. UNIX for Advanced & Expert Users

possible to lock accounts (passwd -l) and still allow acct to ssh to other server?

My scenario is as follows: We have a handful of batch accounts that run our production jobs. Our users are able to use sudo to become that account. Also, because of other reasons, the passwords are also listed in an encrypted file that each team can see their batch ID. So, I have some users... (5 Replies)
Discussion started by: cpolikowsky
5 Replies

7. Shell Programming and Scripting

lock an account

hi how can I Lock an account, by prepending ”*LK*” to the password field in /etc/shadow. I dont want to use passwd -l . Any idea? (3 Replies)
Discussion started by: tjay83
3 Replies

8. UNIX for Dummies Questions & Answers

Change Account to not lock account if password expires

I have access to 15+ UNIX boxes at work, and I do not consistently log onto all of them over time. When I do try to access one I havent been on in awhile, my account is locked as the password has expired. I need to request to the UNIX SA's that the password expiration is 90 days and that if it... (1 Reply)
Discussion started by: stringzz
1 Replies

9. SCO

ssh daemon for unixware 7.1.1

Hi, would anyone know where I could get a ssh daemon for unixware 7.1.1. I have been running round in circles and have had no joy. regards Collie (0 Replies)
Discussion started by: collie
0 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

ssh-ldap-helper

SSH-LDAP-HELPER(8)					    BSD System Manager's Manual 					SSH-LDAP-HELPER(8)

NAME

     ssh-ldap-helper -- sshd helper program for ldap support

SYNOPSIS

     ssh-ldap-helper [-devw] [-f file] [-s user]

DESCRIPTION

     ssh-ldap-helper is used by sshd(1) to access keys provided by an LDAP.  ssh-ldap-helper is disabled by default and can only be enabled in the
     sshd configuration file /etc/ssh/sshd_config by setting AuthorizedKeysCommand to ``/usr/libexec/openssh/ssh-ldap-wrapper''.

     ssh-ldap-helper is not intended to be invoked by the user, but from sshd(8) via ssh-ldap-wrapper.

     The options are as follows:

     -d      Set the debug mode; ssh-ldap-helper prints all logs to stderr instead of syslog.

     -e      Implies -w; ssh-ldap-helper halts if it encounters an unknown item in the ldap.conf file.

     -f      ssh-ldap-helper uses this file as the ldap configuration file instead of /etc/ssh/ldap.conf (default).

     -s      ssh-ldap-helper prints out the user's keys to stdout and exits.

     -v      Implies -d; increases verbosity.

     -w      ssh-ldap-helper writes warnings about unknown items in the ldap.conf configuration file.

SEE ALSO

     sshd(8), sshd_config(5), ssh-ldap.conf(5),

HISTORY

     ssh-ldap-helper first appeared in OpenSSH 5.5 + PKA-LDAP .

AUTHORS

     Jan F. Chadima <jchadima@redhat.com>

BSD
								  April 29, 2010							       BSD