Hi folks and happy new year,
I'm writing a PAM module that will allow me to reject connections from remote hosts that have been responsible a large number of failed login attempts. I've pretty much got working code but I'm agonising over the best way to log failed attempts.
I can get something working by flagging a request as potentially failed during auth processing and then clearing that flag if we get as far as session processing. I'd use pam_set_data() effectively for the side effect of giving me a callback to the cleanup routine which is where I'd actually record the success or failure of the login attempt (in a DBM database).
I assume that'll work in which case it'll scratch my immediate itch but I also assume that it's not the cleanest way to detect a failed auth attempt. Can anyone recommend a nicer approach?
-- Andy Armstrong
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
