[SOLVED] Lock account after failed password attempts

[Kissell]

Anyone can attempt to login to my computer Ubuntu machines as many times as they want... ewww... Ideally, I'd like to limit users to three login attempts and then lock out their account until an administrator unlocks it or the server is rebooted.

Google appears to suggest it's possible, but all the information I find seems to suggest editing a /etc/pam.d/system_auth file. I have the /etc/pam.d folder with files in it, but no system_auth file.

Can someone list out the steps necessary to accomplish this in Ubuntu?

[Dave_Connor]

If it is ssh access there is denyhosts and you can configure it to only allow 3 times before there ip is placed into hosts.deny and denied access until there ip changes or the administrator edits the denyhosts logs and unblocks them.

[Kissell]

No, I meant to say when someone is physically sitting in front of a terminal and logging into Ubuntu gnome desktop... I want to kill their account if they keep guessing at the password.

[Dave_Connor]

With some help with google. This may be what you are after ?
http://www.cyberciti.biz/tips/lock-u...-attempts.html

[Kissell]

Yeah, that's what I was talking about in the orignal post... All the google answers seem to say it can be done, by editing this system_auth file... but on Ubuntu version of linux there is no system_auth file in the /etc/pam.d folder.

[Kissell]

Ah, got it working...

In Ubuntu, the file is named:

/etc/pam.d/common-auth

instead of:

/etc/pam.d/system-auth

I had guessed this earlier... but it failed to work as a substitute... this is because I followed the directions and appended this code to that file.

auth required pam_tally.so onerr=fail deny=5 unlock_time=21600

however, that isn't what you need to do to make it work... that code must appear BEFORE the other codes in the file... so don't append it to the end, instead put it at the beginning, and now it works!

Thanks for holding my hand, I couldn't find a clear answer on this anywhere.

[oldos2er]

Old thread closed. Instead of bumping old threads, please start a new one if you have a question or problem.