Hi Steve, > I am using Cistron's radiusd on a RedHat 6.1 server.. I can't get pam_tally > to work > I have in /etc/pam.d/radius: > auth required /lib/security/pam_tally.so > auth required /lib/security/pam_pwdb.so shadow nullok > auth required /lib/security/pam_nologin.so > account required /lib/security/pam_pwdb.so > account required /lib/security/pam_tally.so deny=3 > password required /lib/security/pam_cracklib.so > password required /lib/security/pam_pwdb.so shadow use_authtok nullok md5 > session required /lib/security/pam_pwdb.so > any ideas? All I wish to do is limit the number of login attempts.. any help > you could provide would sure be appreciated.. I can't find any documentation for pam_tally on my system even though it's included in the RedHat RPMs, and the module itself isn't part of the Linux-PAM tree, so I'm working with very little information here; but unless I'm mistaken, pam_tally is only effective when multiple authentication attempts are made within the same PAM context. Because each incoming radius authentication request is independent of every other packet, there's no way to group any of those packets into a single context, so IIUC pam_tally is not useful here. Steve Langasek postmodern programmer
