Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Security Question: Lock after invalid login, Session Lock and Required Minimum Password Length
Operating Systems Linux Red Hat Security Question: Lock after invalid login, Session Lock and Required Minimum Password Length Post 302432383 by pludi on Friday 25th of June 2010 01:24:43 AM
Old 06-25-2010
  1. Use pam_tally. man page and a quick description
  2. On graphical displays it depends on the dektop environment/screensaver settings, which are user-specific.
  3. Change the settings for pam_pwcheck (probably in the file /etc/pam.d/password) and set minlen accordingly. You can even set an option to prevent the user to reuse the last n passwords.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

how to lock keyboard without using lock command

how can I lock my keyboard while I'm away from the computer without using lock command. What other commands gives me the option to lock keyboard device? thanks (7 Replies)
Discussion started by: dianayun
7 Replies

2. UNIX for Advanced & Expert Users

Lock the required folder

Hi friends, 5-6 users are using the same login in one of our Unix server. My question is, Is it possible to lock some folder using seperate password other than login password by each user, so that that folder is not accessible to other users. Please guide/suggest me. Cheers~~ Ganapati.... (11 Replies)
Discussion started by: ganapati
11 Replies

3. HP-UX

minimum password length

Dear frnds, how i can make the password 5chs minimum length in hp-ux 11i ? pls help regards (3 Replies)
Discussion started by: jestinabel
3 Replies

4. HP-UX

where I can set login fail ,lock time

where I can set login fail ,lock time thanks (2 Replies)
Discussion started by: alert0919
2 Replies

5. Solaris

How to lock the account after consecutive unsuccessful login

Dears, I want to lock the user's account after consecutive unsuccessful login attempts, how can I do this ? (1 Reply)
Discussion started by: mlsun
1 Replies

6. SuSE

How to lock the account after consecutive unsuccessful login in SUSE

Hi , Can anyone give ur answer for How to lock the account after consecutive unsuccessful login in SUSE Enterprise 10.2 Linux (1 Reply)
Discussion started by: karthik04
1 Replies

7. Solaris

Lock Password 3x times

Dear ALL, I have account to access to my server. If I type wrong password or wrong username 3x times then solaris will be automatically lock this user account. So, How to de-activated this policy..?? Best Regards Bejo:) (2 Replies)
Discussion started by: mbah_jiman
2 Replies

8. Shell Programming and Scripting

Large password lock script

I am trying to create a script that will take a very large, tab delimited file and then lock accounts. File headers look like this id desc server pass sudo lock test Test user server01 67 no no "Test user" is under the desc column Basically if pass column is greater... (5 Replies)
Discussion started by: Gibby13
5 Replies

9. UNIX for Advanced & Expert Users

Testing privileges -lock lockfile /var/lock/subsys/..- Permission denied

Hi all, I have to test some user priviliges. The goal is to be sure that an unauthorized user can't restart some modules (ssh, mysql etc...). I'm trying to automate it with a shell script but in same cases I got the syslog broadcast message. Is there any way to simply get a return code... (3 Replies)
Discussion started by: Dedalus
3 Replies

10. Solaris

Lock password for 15 minutes

Hi, Can we configure Solaris-10 and Solaris-11, which can lock any user for 15 minutes after 5 unsuccessful logins ? I am trying to search, if it is possible but not able to find. Regards (1 Reply)
Discussion started by: solaris_1977
1 Replies

LEARN ABOUT SUSE

pam_timestamp_check

PAM_TIMESTAMP_CHECK(8)						 Linux-PAM Manual					    PAM_TIMESTAMP_CHECK(8)

NAME

       pam_timestamp_check - Check to see if the default timestamp is valid

SYNOPSIS

       pam_timestamp_check [-k] [-d] [target_user]

DESCRIPTION

       With no arguments pam_timestamp_check will check to see if the default timestamp is valid, or optionally remove it.

OPTIONS

       -k
	   Instead of checking the validity of a timestamp, remove it. This is analogous to sudo's -k option.

       -d
	   Instead of returning validity using an exit status, loop indefinitely, polling regularly and printing the status on standard output.

       target_user
	   By default pam_timestamp_check checks or removes timestamps generated by pam_timestamp when the user authenticates as herself. When the
	   user authenticates as a different user, the name of the timestamp file changes to accommodate this.	target_user allows to specify this
	   user name.

RETURN VALUES

       0
	   The timestamp is valid.

       2
	   The binary is not setuid root.

       3
	   Invalid invocation.

       4
	   User is unknown.

       5
	   Permissions error.

       6
	   Invalid controlling tty.

       7
	   Timestamp is not valid.

NOTES

       Users can get confused when they are not always asked for passwords when running a given program. Some users reflexively begin typing
       information before noticing that it is not being asked for.

EXAMPLES

	   auth sufficient pam_timestamp.so verbose
	   auth required   pam_unix.so

	   session required pam_unix.so
	   session optional pam_timestamp.so

FILES

       /var/run/sudo/...
	   timestamp files and directories

SEE ALSO

       pam_timestamp_check(8), pam.conf(5), pam.d(5), pam(8)

AUTHOR

       pam_tally was written by Nalin Dahyabhai.

Linux-PAM Manual						    04/01/2010						    PAM_TIMESTAMP_CHECK(8)
All times are GMT -4. The time now is 06:28 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy