I’m attempting to configure Debian 4.0 to lock user
accounts after 3 failed login attempts. I’ve added: account required pam_tally.so _onerr_=fail deny=3 as the first non-commented line in /etc/pam.d/common-account
and auth required pam_tally.so per_user magic_root
_onerr_=fail as the first non-commented line in /etc/pam.d/common-auth.
When I run faillog I get: Login Failures Maximum Latest On username 16 3 10/08/10 11:03:43 -0400
192.168.0.1 but when I try to login as username via ssh or su -, I am
still able to login if I give a valid password. Is there any good resource for
configuring pam_tally and faillog other than their man pages? Thanks, Max Brustkern |