Brustkern, Maximillian wrote: > I'm attempting to configure Debian 4.0 to lock user accounts after 3 > failed login attempts. I know you don't think so (yet) but that is a very bad idea. It enables a denial of service attack. A valid user can be locked out by an attacker. That is bad. If you want to rate limit attacks then look at the fail2ban package. apt-cache show fail2ban Description: bans IPs that cause multiple authentication errors Also, I assume there is a reason but if you are still using Debian 4.0 Etch then you really should worry about security upgrades. Consider migrating to Stable Lenny with security support. Bob
Attachment:
signature.asc
Description: Digital signature