Re: pam_tally

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Well guys I have added pam_tally.so every place I can think of including
system-auth.  I must be missing something.  It looks like Pam_linux takes
over no matter what I do. Again, any help would be much appreciated. Thanks
in advance..
Gene Reynolds
BBWXT



                      "Christopher C.
                      Weis"                      To:       pam-list@xxxxxxxxxx
                      <ccweis@xxxxxxxxxxx        cc:
                      .uiowa.edu>                Fax to:
                      Sent by:                   Subject:  Re: pam_tally
                      pam-list-admin@xxxx
                      at.com


                      04/09/2003 02:39 PM
                      Please respond to
                      pam-list






What type of login?  SSH?  Telnet?  FTP? (or actual login)?  It all
depends on what service you're trying protect from multiple failed
attempts.  If you want to get them all, put it in system-auth.

~Chris

GYR@xxxxxxxx wrote:

>One more thing I forgot to add I did try and add this line to
>/etc/pam.d/login
>
>auth       required     /lib/security/pam_securetty.so
>auth       required     /lib/security/pam_stack.so service=system-auth
>auth       required     /lib/security/pam_nologin.so
>
>auth       required     /lib/security/pam_tally.so
>
>account    required     /lib/security/pam_stack.so service=system-auth
>password   required     /lib/security/pam_stack.so service=system-auth
>session    required     /lib/security/pam_stack.so service=system-auth
>session    optional     /lib/security/pam_console.so
>
>Is this the right spot to tell the system to lock out accounts after too
>many failed attempts at login..?
>Again thanks everyone in advance
>
>
>
>                      GYR@xxxxxxxx
>                      Sent by:                 To:
pam-list@xxxxxxxxxx
>                      pam-list-admin@xx        cc:
>                      dhat.com                 Fax to:
>                                               Subject:  Re: pam_tally
>
>                      04/09/2003 01:05
>                      PM
>                      Please respond to
>                      pam-list
>
>
>
>
>
>
>
>Hi there, thanks again for taking the time to help me...
>
>What I need to do is have pam (or something else) lock out a user account
>after a number of specified failed  login attempts.
>I have looked at the utility faillog,  This allows me to supposedly set
the
>number of tries,and somehow I came to the conclusion
>that pam_tally would use this utility to lock the account. I may be way
off
>base here. Wouldnt be the first time yeiks..
>Thanks
>
>Gene Reynolds
>
>
>
>
>
>                      "Christopher C.
>                      Weis"                      To:
>                      pam-list@xxxxxxxxxx
>                      <ccweis@xxxxxxxxxxx        cc:
>                      .uiowa.edu>                Fax to:
>                      Sent by:                   Subject:  Re: pam_tally
>                      pam-list-admin@xxxx
>                      at.com
>
>
>                      04/09/2003 12:00 PM
>                      Please respond to
>                      pam-list
>
>
>
>
>
>
>Well, yes and no.  pam_tally is a PAM module that you need to add to a
>file in /etc/pam.d for the particular service or services you want to
>"tally."  It does not get its own file.
>
>Maybe a little summary of what you're trying to achieve would help me
>explain things better.  Sorry if this isn't what you wanted to know.
>
>~Chris
>
>GYR@xxxxxxxx wrote:
>
>
>
>>Chris, actually I did read this. Is there supposed to be a config file in
>>/etc/pam.d for tally ? I have to admit that pam and I are not that
>>
>>
>familiar
>
>
>>with each other sigh!
>>
>>
>>
>>                     "Christopher C.
>>                     Weis"                      To:
>>
>>
>pam-list@xxxxxxxxxx
>
>
>>                     <ccweis@xxxxxxxxxxx        cc:
>>                     .uiowa.edu>                Fax to:
>>                     Sent by:                   Subject:  Re: pam_tally
>>                     pam-list-admin@xxxx
>>                     at.com
>>
>>
>>                     04/09/2003 08:08 AM
>>                     Please respond to
>>                     pam-list
>>
>>
>>
>>
>>
>>
>>I'll state the obvious.  Forgive me if you've already read this
>>
>>
>document...
>
>
>>/usr/share/doc/pam-0.75/txts/README.pam_tally, or something similar.
>>
>>Good luck.
>>
>>~Chris
>>
>>GYR@xxxxxxxx wrote:
>>
>>
>>
>>
>>
>>>Hello all, I have a Redhat 8.0 distribution. I am trying to understand
>>>pam_tally. Can anyone point me to a spot that can
>>>help me understand this and make it work. Thanks in advance..
>>>
>>>Gene Reynolds
>>>Sr. Engineer
>>>BBWXT
>>>
>>>
>>>
>>>
>>>_______________________________________________
>>>
>>>Pam-list@xxxxxxxxxx
>>>https://listman.redhat.com/mailman/listinfo/pam-list
>>>
>>>
>>>
>>>
>>>
>>>
>>--
>>
>>
>>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>
>
>
>
>>~
>>~  Christopher C. Weis
>>~  |
>>~  \---> Linux System Administrator
>>~      |--> University of Iowa, College of Engineering
>>~      |--> 1253 SC, Iowa City, IA, (319)335-5055
>>~      |--> ccweis@xxxxxxxxxxxxxxxxxxxxx
>>~
>>
>>
>>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>
>
>
>
>>
>>
>>
>>
>>_______________________________________________
>>
>>Pam-list@xxxxxxxxxx
>>https://listman.redhat.com/mailman/listinfo/pam-list
>>
>>
>>
>>
>>
>>
>>_______________________________________________
>>
>>Pam-list@xxxxxxxxxx
>>https://listman.redhat.com/mailman/listinfo/pam-list
>>
>>
>>
>>
>
>--
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>
>
>~
>~  Christopher C. Weis
>~  |
>~  \---> Linux System Administrator
>~      |--> University of Iowa, College of Engineering
>~      |--> 1253 SC, Iowa City, IA, (319)335-5055
>~      |--> ccweis@xxxxxxxxxxxxxxxxxxxxx
>~
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>
>
>
>
>
>
>
>_______________________________________________
>
>Pam-list@xxxxxxxxxx
> https://listman.redhat.com/mailman/listinfo/pam-list
>
>
>
>
>
>
>_______________________________________________
>
>Pam-list@xxxxxxxxxx
> https://listman.redhat.com/mailman/listinfo/pam-list
>
>
>
>
>
>
>_______________________________________________
>
>Pam-list@xxxxxxxxxx
>https://listman.redhat.com/mailman/listinfo/pam-list
>
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~
~  Christopher C. Weis
~  |
~  \---> Linux System Administrator
~      |--> University of Iowa, College of Engineering
~      |--> 1253 SC, Iowa City, IA, (319)335-5055
~      |--> ccweis@xxxxxxxxxxxxxxxxxxxxx
~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






_______________________________________________

Pam-list@xxxxxxxxxx
 https://listman.redhat.com/mailman/listinfo/pam-list






_______________________________________________

Pam-list@xxxxxxxxxx
https://listman.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux