I'm trying to configure sshd to lockout a user after 5 failed login attempts and then allow that user back in after an hour if there hasn't been a failed login attempt. This is my /etc/pam.d/sshd: #%PAM-1.0 auth required /lib/security/pam_tally.so no_magic_root auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so account required /lib/security/pam_tally.so deny=5 no_magic_root even_deny_root_account reset account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth session optional /lib/security/pam_console.so Once I get past the number of failed login's, I get something like this: user xxx has time limit [66850040s left] since last failure. I've only configured a 50 second lockout for testing, so am I doing something wrong? Is there a better way to accomplish this? Thanks, Brian
