|
|
Sponsored Content
Operating Systems
Linux
SuSE
How to lock the account after consecutive unsuccessful login in SUSE
Post 302306572 by karthik04 on Monday 13th of April 2009 07:46:03 AM
04-13-2009
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Is there a way to easily change an account to be a non login account (NP in the shadow) file?
I know I can just edit the file but that is not what we want to do. We use access control software and want to provide a way to set an account to be non-login using simple commands that can be mapped... (0 Replies)
Discussion started by: LordJezo
0 Replies
2. SuSE
When we login to any remote connections in SuSE Linux, say for example, telnet , the following line is displayed "Last Login : Date and time is displayed"
I would like to disable this. In SuSE 9, I could find the solution .
Please suggest me a solution to disable the line displayed for SuSE... (3 Replies)
Discussion started by: Laksmi
3 Replies
3. UNIX for Dummies Questions & Answers
I have access to 15+ UNIX boxes at work, and I do not consistently log onto all of them over time. When I do try to access one I havent been on in awhile, my account is locked as the password has expired.
I need to request to the UNIX SA's that the password expiration is 90 days and that if it... (1 Reply)
Discussion started by: stringzz
1 Replies
4. Shell Programming and Scripting
hi
how can I Lock an account, by prepending ”*LK*” to the password field in /etc/shadow.
I dont want to use passwd -l .
Any idea? (3 Replies)
Discussion started by: tjay83
3 Replies
5. Solaris
Dears,
I want to lock the user's account after consecutive unsuccessful login attempts, how can I do this ? (1 Reply)
Discussion started by: mlsun
1 Replies
6. Red Hat
Hello all,
If anyone has time, I have a few questions:
How do I do the following in Linux. We are using Red Hat and Oracle Enterprise Linux, which is based on Red Hat too.
1. How to lock the account after a few (like 3) invalid password attempts?
2. How do you lock a screen after 30... (1 Reply)
Discussion started by: nstarz
1 Replies
7. Cybersecurity
Hi all,
I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4
when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Discussion started by: chlawren
0 Replies
8. AIX
I want to learn AIX. I would like to find someone who would be willing to give me a login to their AIX home lab server. My intent is to poke around and discover the similarities and differences of AIX compared to other *NIXs.
I am a UNIX admin so I can think of what some immediate concerns may... (1 Reply)
Discussion started by: perl_in_my_shel
1 Replies
9. Shell Programming and Scripting
#!/bin/bash
for servers in `cat ~/servers`
do
rosh -l root -n $servers 'if
then
echo $HOSTNAME
else
exit 1
fi'
done
I have few servers in the for loop that is powered off, so whenever I execute my script, it works fine if all the servers are on, but when it tries to execute the script... (1 Reply)
Discussion started by: Rojan Shakya
1 Replies
10. SuSE
hi
i want to enable details of previous successful/ unsuccessful login on screen after successful login in SUSE linux
---------- Post updated 01-17-15 at 10:00 PM ---------- Previous update was 01-16-15 at 11:37 PM ----------
hi guys please reply (1 Reply)
Discussion started by: Idea
1 Replies
LEARN ABOUT OSF1
ttys
ttys(4) Kernel Interfaces Manual ttys(4) NAME
ttys - Terminal control database file (Enhanced Security) DESCRIPTION
Notes The secure terminal database file, /etc/securettys, controls root logins for all security levels. The file is described in the securet- tys(4) reference page. By default, the enhanced security terminal control information is stored in database format (ttys.db). The information was formerly stored in the ttys file and is converted to database format in an update installation. The convauth utility converts an existing ttys file to database format. The enhanced security terminal control database (ttys.db) contains an entry for each terminal or X displayname that can be used for logging in. It supports wildcarding of the entire terminal name or displayname only. Authentication programs use information in the terminal con- trol database to determine if a login is permitted on the specified terminal. Information from the device assignment database (/etc/auth/system/devassign) can also affect terminal login permissions. Successful and unsuccessful login attempts on the terminal are optionally recorded in the terminal control database, and the information can be used to disable terminal logins when breakin attempts are suspected. The /usr/tcb/bin/dxdevices GUI provides a way to create terminal control database entries and to alter the system default values for the fields. The edauth utility can also be used to display and modify terminal control database entries. A terminal control database entry consists of keyword field identifiers and values for those fields. If a necessary value is not specified in an entry, a default value for the field is supplied from the system default file (/etc/auth/system/default). For more information on the field format, see the authcap(4) reference page. The following keyword field identifiers are supported: This field defines the terminal device name for the entry. The system expects that terminal devices are in the /dev directory and therefore this prefix should not be specified. If the terminal entry describes the /dev/tty1 device, the t_devname field should contain tty1. This field is ignored if it is set in a template or in the default database. This field contains the user ID of the last user who successfully logged in using the terminal device. This field is ignored if it is set in a tem- plate or in the default database. This field is a time_t value that records the last successful login time to the terminal device. This field is ignored if it is set in a template or in the default database. This field contains the user ID of the last user who unsuccess- fully attempted to log in using the terminal device. This field is ignored if it is set in a template or in the default database. This field is a time_t value that records the last unsuccessful login time to the terminal device. This field is ignored if it is set in a tem- plate or in the default database. This field contains the user ID of the user who successfully logged in before the user identified in the t_uid field. This represents the UID of the previous login session. This field is ignored if it is set in a template or in the default database. This field is a time_t value that contains the system time of last logout associated with this terminal device. This value marks the end of the previous login session associated with the user identified by t_prevuid. This field records the number of consecutive unsuccessful login attempts to the terminal device. This field is ignored if it is set in a template or in the default database. This field specifies the maximum number of consecutive unsuccessful login attempts permitted using the terminal before the terminal is locked. Once the terminal is locked, it must be unlocked by an authorized administrator. This field is a time_t value that identifies the login delay enforced by authentication programs between unsuccessful login attempts. This field is designed to slow the rate at which penetration attempts on a terminal device can occur. This field indicates whether the terminal device has been administratively locked. This field is manipulated by authorized administrators only. This field specifies the time interval in seconds after t_unsuctime to wait before ignoring t_failures. Zero means never ignore t_failures. This field specifies the login time-out value in seconds. If a login attempt is initiated by entering a user name at the login prompt but successful authentication is not completed within the time-out interval specified, the login attempt is aborted. This field indicates that the entry is an X window display managed by rather than a terminal device. This field is ignored if it is set in a template or in the default database. EXAMPLES
The following example shows a typical terminal control database entry: console:t_devname=console: :t_uid=jdoe:t_logtime#675430072: :t_unsucuid=jdoe:t_unsuctime#673610809: :t_prevuid=root:t_prevtime#671376915: :chkent: This entry is for the system console device, /dev/console. The most recent successful login session was for the user jdoe. The most recent unsuccessful login attempt was also by user jdoe. Before the most recent successful login session, the root account was used to log in to the console. The entry records the system time for the current successful login, the end of the previous successful login session, and the time of the most recent unsuccessful login attempt. FILES
Specifies the pathname of the database. RELATED INFORMATION
Commands: login(1) Functions: getprtcent(3) Files: authcap(4), default(4), securettys(4) delim off ttys(4)