I’m attempting to configure Debian 4.0 to lock user accounts after 3 failed login attempts.
account required pam_tally.so _onerr_=fail deny=3
as the first non-commented line in /etc/pam.d/common-account and
auth required pam_tally.so per_user magic_root _onerr_=fail
as the first non-commented line in /etc/pam.d/common-auth. When I run faillog I get:
Login Failures Maximum Latest On
username 16 3 10/08/10 11:03:43 -0400 192.168.0.1
but when I try to login as username via ssh or su -, I am still able to login if I give a valid password. Is there any good resource for configuring pam_tally and faillog other than their man pages?