Account locking

PDF

Usually a system will drop the connection after 3 unsuccessful login attempts and may reconnect to try it again. If you setup account lockout you can prevent this, after a number of unsuccessful login attempts the account will be locked out automaticaly.

Edit the file /etc/pam.d/system-auth and add the lines:
auth required pam_tally.so onerr=fail no_magic_root
account required pam_tally.so per_user deny=3 no_magic_root reset
In this example the retry limit it set to 3 by the parameter deny.

Related articles:
- Force strong passwords
- Restiction to use previous passwords

 

Please login first before adding a comment.

Search






You are here: Home Howtos and FAQs Security Account locking