Centos PAM config

Networking/Security Forums -> UNIX // GNU/Linux

Author: duster PostPosted: Fri Jan 15, 2010 2:46 pm    Post subject: Centos PAM config
    ----
whenever i modify my pam file as shown below i can no longer log into my centos; i have to go into single user mode and undo the changes. what i want to do is log all failed authentication attempts but i don't want it to affect the root user account.


# vi /etc/pam.d/system-auth

auth required pam_tally.so no_magic_root
account required pam_tally.so deny=3 no_magic_root lock_time=180

Author: _AA_Location: N51:30:35 W0:00:40 PostPosted: Sat Jan 16, 2010 3:27 pm    Post subject: Re: Centos PAM config
    ----
Failed login attempts are logged by default, so this is not something you'd have to manually turn on. But to lock the account after 3 login attempts you could use:

Code:
auth required pam_tally.so onerr=fail deny=3 lock_time=180
account required pam_tally.so reset


man pam_tally and you will see that the optional parameters you used are actually auth options not account options.

Logged to /var/log/secure

Author: duster PostPosted: Thu Jan 28, 2010 8:29 pm    Post subject:
    ----
I tried those entries still doesnt work.. the accounts dont even get locked.



Networking/Security Forums -> UNIX // GNU/Linux


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group