pam_abl "whitelist" feature request

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Andy,

I've been using pam_abl at home a bit, and every now
and again, I hit the problem of my own user-id gets locked
due to brute-force attacks. (pam_abl in action :-)

In order to regain access, I have to use:

   pam_abl --okuser=myname

The "problem" is that this opens up the userid for
everyone again, and purges the database of entries
(so I lose the stats that pam_abl keeps)

What I would like to do, is allow myuser from 127.0.0.1 only, until
the normal pam_abl criteria expires. ie to have specific
username/host combinations which are "whitelisted".

Or even hosts that are white-listed: ie.
    If a login comes from, say 127.0.0.1, and the
    allow the login regardless of the blocking/non-blocking
    state of the user.

I haven't looked at how hard/easy this is in the code, but I thought
I'd mention is as something to consider.

Regards,
   George Hansper






_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux