Ubuntu 18.04
Sponsored Link

Count attempted Accesses2018/11/27

 
Count attempted Accesses.
[1] If counts of attempted accesses of a user is over the value, the user account will be locked.
root@dlp:~#
vi /etc/pam.d/common-auth
# deny=N means a user account is locked over N times attempted (root is not applied)

# if also apply to root, add [even_deny_root]

# unlock_time=N means a locked account will be unlocked after N secconds later (if not specified this value, locked account will not be unlocked automatically)

# if specify [even_deny_root], it's also possible to specify locked timed with [root_unlock_time=N]


auth    required        pam_tally2.so deny=5 unlock_time=60
# here are the per-package modules (the "Primary" block)
auth    [success=1 default=ignore]      pam_unix.so nullok_secure

root@dlp:~#
vi /etc/pam.d/common-account
# add follows before pam_unix.so

account required                        pam_tally2.so
# here are the per-package modules (the "Primary" block)
account [success=1 new_authtok_reqd=done default=ignore]        pam_unix.so
# here's the fallback if no module succeeds
account requisite                       pam_deny.so
[2] Refer to a count of attempted accesses or unlock a locked account manually like follows.
# show a count of attempted accesses

root@dlp:~#
pam_tally2 -u ubuntu

Login           Failures Latest failure     From
ubuntu              8    11/27/18 19:36:50  10.0.0.241

# unlock a locked account manually

root@dlp:~#
pam_tally2 -r -u ubuntu
Matched Content