This is a topic I had been trying to get working for many days, but it was not working. Finally I have done it, and it's time to share it with you guys. The following are the steps to do this task:

  • Open the /etc/pam.d/system-auth file.
  • Now write these lines just above the line stating auth sufficient pam_unix.so:

auth required pam_tally2.so onerr=fail deny=3

account  required   pam_tally2.so reset


Now the account will be locked after three failed login attempts. There are various other options you can use, such as:

  • unlock_time=100 will unlock the account after 100 seconds. You can use any value for the unlock_time field. If you don't use this parameter, you'll have to manually unlock a locked account with the pam_tally2 -r -u username command.
  • lock_time=100 will lock the account for 100 seconds after failed attempts to log in.
  • no_magic_root will avoid locking the root account.

This is more than enough, guys, but for any additional help you can see the respective man pages.
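
To confirm the edit landed where the steps above say it should, here is a small check added to this page (it is not from the original post). It verifies that the auth pam_tally2.so line sits above pam_unix.so, that deny= is set, and that the account line exists. The function name check_tally2 and the sample file are assumptions made for illustration; the sample content is constructed.

```shell
#!/bin/sh
# Added example: audit a PAM stack file for the lockout lines described above.
# check_tally2 FILE -> prints findings; returns 0 only if every check passes.
check_tally2() {
    awk '
        $1 ~ /^#/ { next }                           # ignore commented-out lines
        $1 == "auth" && /pam_tally2\.so/ {
            if (!tally) tally = NR                   # first auth pam_tally2 line
            for (i = 2; i <= NF; i++)
                if ($i ~ /^deny=[0-9]+$/) deny = substr($i, 6)
        }
        $1 == "auth" && /pam_unix\.so/ { if (!unix) unix = NR }
        $1 == "account" && /pam_tally2\.so/ { acct = NR }
        END {
            rc = 0
            if (!tally) {
                print "FAIL: no auth pam_tally2.so line"; rc = 1
            } else {
                if (unix && tally > unix) {
                    print "FAIL: pam_tally2.so is below pam_unix.so"; rc = 1
                }
                if (deny == "") { print "FAIL: deny= not set"; rc = 1 }
            }
            if (!acct) { print "FAIL: no account pam_tally2.so line"; rc = 1 }
            if (!rc) print "OK: deny=" deny
            exit rc
        }
    ' "$1"
}

# Constructed sample: a stack as it would look after following the steps above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real system-auth
auth        required      pam_env.so
auth        required      pam_tally2.so onerr=fail deny=3
auth        sufficient    pam_unix.so nullok try_first_pass
account     required      pam_unix.so
account     required      pam_tally2.so reset
EOF
check_tally2 "$sample"
rm -f "$sample"
```

On a real system, run check_tally2 /etc/pam.d/system-auth after editing, and keep a root shell open until a test login confirms the stack still works.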
