I'm trying to use pam_tally to lock a user out
after three unsuccessful attempts. I can't get it to work. My login
file in /etc/pam.d is as follows:
auth required
/lib/security/pam_securetty.so
auth required
/lib/security/pam_nologin.so
auth required
/lib/security/pam_tally.so deny=3 reset
auth required
/lib/security/pam_stack.so service=system-auth
account
required /lib/security/pam_tally.so deny=3 reset
account
required /lib/security/pam_stack.so
service=-system-auth
password required
/lib/security/pam_tally.so deny=3 reset
password
required /lib/security/pam_stack.so
service=system-auth
session
required /lib/security/pam_stack.so
service=system-auth
session
required /lib/security/pam_console.so
Is pam_pwdb the module to keep passwords from being
reused? How would I set that up?
|
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list