[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] Disable login for x minutes after x failed logins?
I want to either disable a remote login (ssh, ftp, pop etc.) after x
failures completely, to the trying remote client (IP no.) or for x
I searched the web up and down, but can't come up with a simple and
concise explanation, how to do this. It seems pam_tally could somehow be
used to achieve part of that, but not completely. F.i. it seems once the
account is locked it is locked as long as someone unlocks it.
Is pam_tally the way to go or are there better ways on a normal Suse 8/9
system? Is there a better explanation/howto than what can be found in the
PAM docs, man or
(PAM system administrator's guide)?
At least for me this documentation is quite scarce and I'm missing some
real-word and "how-to" examples for a good start.
I also wonder if any of the login.defs definitions is used if PAM gets
used? I read somewhere that most of it is handled by PAM now, but some
options were still valid, f.i. "fail_delay" (delay for next attempt after
a failure), but I can't repro that, so it seems none of it is in use when
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here