pam_tally2 does not lock account after the number of failed attempts.
Hi,
I am trying to implement user lockout after a certain number of failed login attempts in RH5.6. Here are the contents of the system-auth file.
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
account required /lib/security/$ISA/pam_unix.so
account required /lib/security/$ISA/pam_tally.so per_user deny=3 no_magic_root reset
password required /lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 difok=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow remember=8
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
After 3 failed attempts, if I type the right password, the system allows the user to log in and resets the failure count.
Sree
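
Added example (not part of the original post): a small Python model of the Linux-PAM `required` / `requisite` / `sufficient` control flags, run over the auth lines posted above, to show which modules are actually invoked for a correct and for a wrong password. The function names and the assumption that unlisted modules succeed are this example's own.

```python
# Added example: simulate Linux-PAM control flags over the auth stack in the post.
# Only the simple keywords are modelled; bracketed [value=action] controls are not.

# auth lines copied from the posted system-auth (wrapped lines joined)
AUTH_STACK = """\
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
"""


def parse_stack(text, phase="auth"):
    """Return [(control, module_file)] for one phase of a PAM config."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0] == phase:
            entries.append((fields[1], fields[2].rsplit("/", 1)[-1]))
    return entries


def run_stack(entries, results):
    """Walk the stack. results maps module -> True/False (success/failure);
    modules not listed are assumed to succeed. Returns (granted, invoked)."""
    invoked, required_failed, any_success = [], False, False
    for control, module in entries:
        ok = results.get(module, True)
        invoked.append(module)
        if control == "sufficient":
            if ok and not required_failed:
                return True, invoked      # rest of the stack is skipped
            continue                      # a failed 'sufficient' is ignored
        if control in ("required", "requisite"):
            if ok:
                any_success = True
            else:
                required_failed = True
                if control == "requisite":
                    return False, invoked  # fail immediately
        # 'optional' results are ignored in this model
    return (any_success and not required_failed), invoked


if __name__ == "__main__":
    stack = parse_stack(AUTH_STACK)
    # pam_deny.so always fails; pam_unix.so result depends on the password typed
    for label, unix_ok in (("correct password", True), ("wrong password", False)):
        granted, invoked = run_stack(stack, {"pam_unix.so": unix_ok, "pam_deny.so": False})
        print(f"{label}: granted={granted}, modules run: {', '.join(invoked)}")
```

With a correct password the walk ends at `pam_unix.so`, so the auth-phase `pam_tally.so` line is only reached when the password is wrong.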