• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Centos PAM config

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux

View previous topic :: View next topic  
Author Message
duster
Just Arrived
Just Arrived


Joined: 06 May 2005
Posts: 0


Offline

PostPosted: Fri Jan 15, 2010 2:46 pm    Post subject: Centos PAM config Reply with quote

whenever i modify my pam file as shown below i can no longer log into my centos; i have to go into single user mode and undo the changes. what i want to do is log all failed authentication attempts but i don't want it to affect the root user account.


# vi /etc/pam.d/system-auth

auth required pam_tally.so no_magic_root
account required pam_tally.so deny=3 no_magic_root lock_time=180
Back to top
View user's profile Send private message
_AA_
Just Arrived
Just Arrived


Joined: 03 May 2005
Posts: 0
Location: N51:30:35 W0:00:40

Offline

PostPosted: Sat Jan 16, 2010 3:27 pm    Post subject: Re: Centos PAM config Reply with quote

Failed login attempts are logged by default, so this is not something you'd have to manually turn on. But to lock the account after 3 login attempts you could use:

Code:
auth required pam_tally.so onerr=fail deny=3 lock_time=180
account required pam_tally.so reset


man pam_tally and you will see that the optional parameters you used are actually auth options not account options.

Logged to /var/log/secure
Back to top
View user's profile Send private message Visit poster's website
duster
Just Arrived
Just Arrived


Joined: 06 May 2005
Posts: 0


Offline

PostPosted: Thu Jan 28, 2010 8:29 pm    Post subject: Reply with quote

I tried those entries still doesnt work.. the accounts dont even get locked.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter