Hi,
I was able to configure pam_tally on RHEL 5.5/6 and verify that account gets locked after 'n' unsuccessful attempts through different auth mechanisms like su, sshd, login etc.
I can also see the output of pam_tally or faillog that reflects the number of failed login attempts.
But when I try passwd -S <user name> after an account is locked through use of pam_tally, it does not relect account locked status.
see below for example output of faillog as well passwd -S after an account is locked using pam_tally
# faillog -u testuser1
Login Failures Maximum
testuser1 4 0
# passwd -S testuser1
testuser1 PS 10/17/2011 0 99999 7 -1
if I explicity lock a user using passwd -l option then the output of passwd -S reads as below
# passwd -S testuser1
testuser1 LK 10/17/2011 0 99999 7 -1
Can any one tell me if pam_tally and passwd lock options understand each other, if yes, is there any other configuration I have to do..
Thanks
ADK
I was able to configure pam_tally on RHEL 5.5/6 and verify that account gets locked after 'n' unsuccessful attempts through different auth mechanisms like su, sshd, login etc.
I can also see the output of pam_tally or faillog that reflects the number of failed login attempts.
But when I try passwd -S <user name> after an account is locked through use of pam_tally, it does not relect account locked status.
see below for example output of faillog as well passwd -S after an account is locked using pam_tally
# faillog -u testuser1
Login Failures Maximum
testuser1 4 0
# passwd -S testuser1
testuser1 PS 10/17/2011 0 99999 7 -1
if I explicity lock a user using passwd -l option then the output of passwd -S reads as below
# passwd -S testuser1
testuser1 LK 10/17/2011 0 99999 7 -1
Can any one tell me if pam_tally and passwd lock options understand each other, if yes, is there any other configuration I have to do..
Thanks
ADK
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list