FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Red Hat Linux

 
 
LinkBack Thread Tools
 
Old 01-10-2011, 02:40 PM
"Johan Booysen"
 
Default RHEL6 pam_tally2 lockouts

I'm trying to set up a RHEL6 server for sftp access only. So far it
works very well, but I can't seem to get pam_tally2 set up to lock user
accounts after so many unsuccessful login attempts.



As far as I could find out, it should work if I add the following lines
to /etc/pam.d/system-auth:



Last line in the auth section:

auth required pam_tally2.so deny=3 onerr=fail



Last line in the account section:

account required pam_tally2.so



According to the pam_tally2 man page this should log failed attempts in
/var/log/tallylog, but when I deliberately log in with nonsense
usernames/password, I get absolutely nothing in the tallylog file.
Hence running the pam_tally2 command with no options produces no
results.



/var/log/secure shows me entries such as:



Jan 10 15:16:26 rhel6 sshd[1918]: Failed password for test from
192.x.x.x port 4467 ssh2

Jan 10 15:16:29 rhel6 sshd[1918]: Failed password for test from 192.x.x.
port 4467 ssh2

Jan 10 15:16:29 rhel6 sshd[1919]: Disconnecting: Too many authentication
failures for test

Jan 10 15:16:29 rhel6 sshd[1918]: PAM 1 more authentication failure;
logname= uid=0 euid=0 tty=ssh ruser= rhost=mc23.xxxxx.int user=test



In /etc/ssh/sshd_config I've got



UsePAM yes

PasswordAuthentication yes

ChallengeResponseAuthentication no



I might be missing something silly here, so I'd really appreciate any
advice on getting this to work on Red Hat Enterprise Linux 6.



Thanks.

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 

Thread Tools




All times are GMT. The time now is 09:52 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org