
Re: Sarge: Lost # of failed logins



Florian Kulzer wrote:
> I have been using Debian for about 5 years now. As far as I remember, it
> always had the "n failure(s) since last login" message (if n was greater
> than zero).

I have never seen that message.

> I never had to do anything to set it up, therefore I
> unfortunately don't know exactly how it works. My best guess is that it
> involves some PAM modules which parse /var/log/faillog and/or use the
> "faillog" command. Maybe this link helps to track it down:

I always have a ~/.hushlogin.  When I remove it I still never see
failures.  I see this instead:

  Last login: Thu Jul 26 17:32:14 2007 from dementia.proulx.com

If you create a .hushlogin file for yourself, does your login failure
message at login go away?

  touch ~/.hushlogin

The sshd uses the presence of .hushlogin to silence the banner.  In
the sshd man page:

  1.  If the login is on a tty, and no command has been specified,
      prints last login time and /etc/motd (unless prevented in the
      configuration file or by $HOME/.hushlogin; see the FILES section).

But I never see anything about failures, just the motd and the last
login time.  So I don't think this is it.

I am very curious as to what outputs the faillog for you!

Bob


