Login or Register to Ask a Question and Join Our Community


Red Hat

RHEL 6, incorrect logins, never lock.

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat RHEL 6, incorrect logins, never lock.
# 1  
Old 06-05-2013
RHEL 6, incorrect logins, never lock.
i've been searching the WEB, and editing my /etc/pam.d/system-auth,passwd-auth,sshd.

but even a thousand wrong logins, my account doesnt lock.

thanks
Code:
[root@center pam.d]# cat system-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        sufficient    pam_fprintd.so
auth        sufficient    pam_unix.so nullok try_first_pass

#auth        requisite     pam_succeed_if.so uid >= 500 quiet

auth        required      pam_tally2.so  ideny=3
auth        required      pam_deny.so

account     required      pam_tally2.so reset

account     required      pam_faillock.so
account     required      pam_unix.so
account     sufficient    pam_localuser.so
account     sufficient    pam_succeed_if.so uid < 500 quiet
account     required      pam_permit.so

#password    requisite     pam_cracklib.so try_first_pass retry=3 type=
password    required     pam_cracklib.so try_first_pass retry=3 type=
#password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password    required    pam_unix.so sha512 shadow nullok try_first_pass use_authtok

#password    required      pam_deny.so

session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session     required      pam_unix.so
[root@center pam.d]#


[root@center pam.d]# cat password-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth required pam_tally2.so deny=3 unlock_time=36000 audit
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so

account required pam_unix.so
account sufficient pam_localuser.so
account required pam_tally2.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3 type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
[root@centerpam.d]#

Last edited by Scott; 06-05-2013 at 06:53 AM.. Reason: Code tags, please...
# 2  
Old 06-17-2013
Hmmm, I can't say I really know however I did see this in the system-auth
Code:
auth        required      pam_tally2.so  ideny=3

on mine it states:
Code:
auth        required      pam_tally2.so  deny=3

I actually don't have this working however we probably should have...
# 3  
Old 06-20-2013
try this, the order of the pam_tally2.so have to be first above all else, If you google around you should have found this Smilie but if you haven't, there you go


auth required pam_tally2.so deny=3
auth required pam_env.so
auth sufficient pam_fprintd.so
auth sufficient pam_unix.so nullok try_first_pass
#auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Is it possible to install RHEL 7 on top of RHEL 6?

Hi We have RHEL 6.7 on an HP physical server and want to install RHEL 7 (not upgrade) on top of it by means of virtualization. Is it possible to install/configure RHEV/KVM virtualization on base RHEL 6.7 OS instance and then install RHEL 7 as a VM guest on it? If yes, could you please guide me... (1 Reply)
Discussion started by: magnus29
1 Replies

2. UNIX for Dummies Questions & Answers

Windows->RHEL->RHEL X11 Forwarding?

I know this question might have been asked a lot but couldn't find anything that worked. From a windows machine 'A' I can only SSH into Linux server 'B' from where I can SSH into another Linux server 'C'. I need to be able to run GUI interfaces on server C which run on my Windows machine. I... (3 Replies)
Discussion started by: hr.prasan
3 Replies

3. Red Hat

RHEL 6, Spacewalk 2.3 unable to download RHEL 5 repo data

Hello all, I am having a bit of an issue on my Spacewalk installation. Some amplifying information is that it is Spacewalk 2.3 installed on a RHEL 6 machine and I am attempting to install/update a RHEL 5 channel/repository. I am fairly new to Spacewalk so I am still learning but this is what I... (3 Replies)
Discussion started by: jstone4646
3 Replies

4. Red Hat

Error throwing while installing vsftpd package in rhel 6. using rhel 6 dvd.

Hi all, Im studying rhcsa as of now, so yum installation and dependencies are messing me to not workit out. i have dual os, win 7 & rhel 6. i have tried this installation of vsftpd package with rhel 6 dvd in VM rhel 6 in win 7 as well as host rhel 6.still the same issue. below error... (6 Replies)
Discussion started by: redhatlbug
6 Replies

5. Red Hat

Does RHEL 5 provide a command to collect RHEL system log in single compress file?

Hi, I heard a command that can collect all RHEL 5 log in a single compress file before I forget. Does any body know...What the command is ? Thanks. (4 Replies)
Discussion started by: nnnnnnine
4 Replies

6. UNIX for Advanced & Expert Users

Testing privileges -lock lockfile /var/lock/subsys/..- Permission denied

Hi all, I have to test some user priviliges. The goal is to be sure that an unauthorized user can't restart some modules (ssh, mysql etc...). I'm trying to automate it with a shell script but in same cases I got the syslog broadcast message. Is there any way to simply get a return code... (3 Replies)
Discussion started by: Dedalus
3 Replies

7. Red Hat

Security Question: Lock after invalid login, Session Lock and Required Minimum Password Length

Hello all, If anyone has time, I have a few questions: How do I do the following in Linux. We are using Red Hat and Oracle Enterprise Linux, which is based on Red Hat too. 1. How to lock the account after a few (like 3) invalid password attempts? 2. How do you lock a screen after 30... (1 Reply)
Discussion started by: nstarz
1 Replies

8. Red Hat

Difference between RHEL 3 AND RHEL 4

Anybody, let me know major differences between RHEL 3 & 4 . (2 Replies)
Discussion started by: sakthi_13
2 Replies

9. UNIX for Dummies Questions & Answers

how to lock keyboard without using lock command

how can I lock my keyboard while I'm away from the computer without using lock command. What other commands gives me the option to lock keyboard device? thanks (7 Replies)
Discussion started by: dianayun
7 Replies

10. UNIX for Dummies Questions & Answers

Help with logins

Could someone please tell me what I would have to do so I can dial in to Solaris through a modem and login? Thanks in advance. Jomar (2 Replies)
Discussion started by: crispyco
2 Replies
Login or Register to Ask a Question