[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Disable login for x minutes after x failed logins?



Short Shot

man faillog

Dirk


Kai Schaetzl schrieb:
I want to either disable a remote login (ssh, ftp, pop etc.) after x failures completely, to the trying remote client (IP no.) or for x minutes. I searched the web up and down, but can't come up with a simple and concise explanation, how to do this. It seems pam_tally could somehow be used to achieve part of that, but not completely. F.i. it seems once the account is locked it is locked as long as someone unlocks it. Is pam_tally the way to go or are there better ways on a normal Suse 8/9 system? Is there a better explanation/howto than what can be found in the PAM docs, man or http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html
(PAM system administrator's guide)?
At least for me this documentation is quite scarce and I'm missing some real-word and "how-to" examples for a good start.

I also wonder if any of the login.defs definitions is used if PAM gets used? I read somewhere that most of it is handled by PAM now, but some options were still valid, f.i. "fail_delay" (delay for next attempt after a failure), but I can't repro that, so it seems none of it is in use when using PAM?

Thanks,



Kai




TRIA IT-consulting GmbH Joseph-Wild-Stra?e 20 81829 Munchen Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de --------------------------------------------------------

working hard | for your success
--------------------------------------------------------

Registergericht Munchen HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschaftsfuhrer: Richard Hofbauer Rosa Igl --------------------------------------------------------

Nachricht von: dirk.schreiner@xxxxxxx Nachricht an: suse-security@xxxxxxxx # Dateianhange: 0 Die Mitteilung dieser E-Mail ist vertraulich und nur fur den oben genannten Empfanger bestimmt. Wenn Sie nicht der vorgesehene Empfanger dieser E-Mail oder mit der Aushandigung an ihn betraut sind, weisen wir darauf hin, da? jede Form der Kenntnisnahme, Veroffentlichung, Vervielfaltigung sowie Weitergabe des Inhalts untersagt ist. Wir bitten Sie uns in diesem Fall umgehend zu unterrichten. Vielen Dank The information contained in this E-Mail is privileged and confidental intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient or competent to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this E-Mail is strictly prohibited. If you have received this E-Mail in error, please notify us immediately. Thank you



















--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here