I’m looking to configure a centos 7 server to lock out anaccount after 3 login failures.
I’ve followed this
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls
Section2.1.9.5 Account Locking
And even rebooted the serverbut it doesn’t lock my test account out.
login as: test
test@X’s password:
Access denied
test@X's password:
Access denied
test@X's password:
Access denied
test@X's password:
Access denied
test@X's password:
Last failed login: Wed Mar 15 15:44:37 GMT 2017 fromXXXXXX on ssh:notty
There were 4 failed login attempts since the lastsuccessful login.
Last login: Wed Mar 15 15:14:05 2017 from YYYYYYYYYYYYY
[test]$
Meanwhile the secure log also shows
Mar 15 15:44:27 testbox sshd[4051]: pam_unix(sshd:auth): authenticationfailure; logname= uid=0 euid=0 tty=ssh ruser= rhost=YYYYYYYY user=test
Mar 15 15:44:29 testbox sshd[4051]: Failed password fortest from X port 57118 ssh2
Mar 15 15:44:29 testbox sshd[4051]: Failed password fortest from X port 57118 ssh2
Mar 15 15:44:33 testbox sshd[4051]: Failed password fortest from X port 57118 ssh2
Mar 15 15:44:35 testbox sshd[4051]:pam_faillock(sshd:auth): Consecutive login failures for user test accounttemporarily locked
Mar 15 15:44:37 testbox sshd[4051]: Failed password fortest from X port 57118 ssh2
Mar 15 15:44:44 testbox sshd[4051]: Accepted password fortest from X port 57118 ssh2
Mar 15 15:44:44 testbox sshd[4051]:pam_unix(sshd:session): session opened for user test by (uid=0)
Ie I can deliberately mangle the password three times,secure log shows the account has been locked out, but then I can immediatelystill log in.
Has anybody a link to a configuration that works?cheers
ian
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
