Limit User Login Attempts (Ubuntu 12.10, pam_tally.so, pam_tally2.so)

login 12.10

Solution 1:

This is from the pam_tally "man" page.

pam_tally has several limitations, which are solved with pam_tally2. For this reason pam_tally is deprecated and will be removed in a future release.

You can view it (and any other command in this format) by entering the following into Terminal:

man pam_tally

Do you intend to implement lockouts at the keyboard and/or over the network (ssh)? I don't have an example for you but below you may 'find the answers you seek.' First you'll need to edit that file you mentioned by entering this from Terminal:

sudo gedit /etc/pam.d/common-auth

Add this at the top of the file (order of rules matters):

auth required pam_tally.so per_user magic_root onerr=fail

This sets the number of allowed attempts

sudo faillog -m 3

The -l option sets the lock time.

faillog -m 3 -l 3600

To unlock an account

faillog -u login_name -r

Credits: http://blog.bodhizazen.com/linux/ubuntu-how-to-faillog/

Good luck and I hope you make the wise choice to stay with Ubuntu.

Related

Cannot create a crontab job for my scrapy program
Can't mount HFS+ drive, bad superblock?
Why is Chromium not updated automatically as Firefox is?
Disable auto-login from the CLI
How to get paragraph for certain option of command right away?
After enabling hibernate grub menu appears on start-up with 30s timeout
CORS support for PUT and DELETE with ASP.NET Web API
Password protecting a directory and all of it's subfolders using .htaccess
Best explanation of Ruby blocks? [closed]
Android : How to detect the image orientation (portrait or landscape) picked from gallery while setting on an imageview?
How to change focus color of EditText in Android
C# reflection and finding all references