George Hansper wrote:
I'd like to set the MaxAuthTries for passwords as low as possible (ie 1 only), since that this the only way to get sensible results from failed-login counters such as pam_tally and pam_abl.
You can just scale the trigger levels accordingly though. I'm running a pam_abl setup which only allows three failures an hour but as far as the user's concerned they get nine attempts to remember their password because sshd allows three retries per connect.
That's unless I'm missing something of course :)
-- Andy Armstrong, hexten.net
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
