Login or Register to Ask a Question and Join Our Community


Cybersecurity

openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts
# 1  
Old 02-03-2011
openssh_4.6 on Unixware 7.1.4 - ssh does not lock account after x attempts
Hi all,

I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4

when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock out however they do for telnet.

My understanding of this is that ssh using different subsystems than the login / authentication mechanisms therefore I should not expect ssh to lockout the account.

I have been tasks with finding a solution and have been researchign PAM and the pam_tally module however I cannot find a pam_tall.so module that has been ported for the version of SCO or can I see it in /usr/lib/security/pam_*

Please can someone advise if they have had similar experiences or can suggest a solution or provide the pam_tally source code / ported version of pam_tally for SCO unixware ....

any help would be greatly appreciated

Thanks

chlawren.
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

SSH with a nologin account

Is it possible to SSH with an account that has its shell set to /sbin/nologin? The reason I ask is because I am running an instance of nagios where I need to use SSH keys to run a check, but I am getting connect errors in Nagios. Also, what is the risk I run into if I just simply change my... (2 Replies)
Discussion started by: streetfighter2
2 Replies

2. Red Hat

SSH lock users to the Home Directory

Hi friends, I must to give ssh connection to own customer. So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user. I am waitting your kindly helps :D ---------- Post... (10 Replies)
Discussion started by: getrue
10 Replies

3. SCO

open ssh on unixware 7.1.4

Hi all, I am having some issues with openssh vers OpenSSH_4.6p1 on SCO unixware 7.1.4 when a user accesses the system via ssh and the password is incorrect and more attempts have been made that the lock out limit I find that although there are messages in the syslog the account does not lock... (0 Replies)
Discussion started by: chlawren
0 Replies

4. SuSE

How to lock the account after consecutive unsuccessful login in SUSE

Hi , Can anyone give ur answer for How to lock the account after consecutive unsuccessful login in SUSE Enterprise 10.2 Linux (1 Reply)
Discussion started by: karthik04
1 Replies

5. Solaris

How to lock the account after consecutive unsuccessful login

Dears, I want to lock the user's account after consecutive unsuccessful login attempts, how can I do this ? (1 Reply)
Discussion started by: mlsun
1 Replies

6. UNIX for Advanced & Expert Users

possible to lock accounts (passwd -l) and still allow acct to ssh to other server?

My scenario is as follows: We have a handful of batch accounts that run our production jobs. Our users are able to use sudo to become that account. Also, because of other reasons, the passwords are also listed in an encrypted file that each team can see their batch ID. So, I have some users... (5 Replies)
Discussion started by: cpolikowsky
5 Replies

7. Shell Programming and Scripting

lock an account

hi how can I Lock an account, by prepending ”*LK*” to the password field in /etc/shadow. I dont want to use passwd -l . Any idea? (3 Replies)
Discussion started by: tjay83
3 Replies

8. UNIX for Dummies Questions & Answers

Change Account to not lock account if password expires

I have access to 15+ UNIX boxes at work, and I do not consistently log onto all of them over time. When I do try to access one I havent been on in awhile, my account is locked as the password has expired. I need to request to the UNIX SA's that the password expiration is 90 days and that if it... (1 Reply)
Discussion started by: stringzz
1 Replies

9. SCO

ssh daemon for unixware 7.1.1

Hi, would anyone know where I could get a ssh daemon for unixware 7.1.1. I have been running round in circles and have had no joy. regards Collie (0 Replies)
Discussion started by: collie
0 Replies
Login or Register to Ask a Question

LEARN ABOUT REDHAT

ssh-keysign

SSH-KEYSIGN(8)						    BSD System Manager's Manual 					    SSH-KEYSIGN(8)

NAME

     ssh-keysign -- ssh helper program for hostbased authentication

SYNOPSIS

     ssh-keysign

DESCRIPTION

     ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during hostbased authentication with
     SSH protocol version 2.

     ssh-keysign is disabled by default and can only be enabled in the the global client configuration file /etc/ssh/ssh_config by setting
     HostbasedAuthentication to ``yes''.

     ssh-keysign is not intended to be invoked by the user, but from ssh(1).  See ssh(1) and sshd(8) for more information about hostbased authen-
     tication.

FILES

     /etc/ssh/ssh_config
	     Controls whether ssh-keysign is enabled.

     /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
	     These files contain the private parts of the host keys used to generate the digital signature.  They should be owned by root, read-
	     able only by root, and not accessible to others.  Since they are readable only by root, ssh-keysign must be set-uid root if hostbased
	     authentication is used.

SEE ALSO

     ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)

AUTHORS

     Markus Friedl <markus@openbsd.org>

HISTORY

     ssh-keysign first appeared in OpenBSD 3.2.

BSD
								   May 24, 2002 							       BSD