What is pam_faillock and how to use it in Red Hat Enterprise Linux?

Solution Verified - Updated -

Issue

  • What is pam_faillock ? How to implement account lockout policy using pam_faillock.so ?
  • pam_tally is deprecated in RHEL6, what can I configure instead of pam_tally ?
  • How do I reset/view failure attempts of user for pam_faillock ?
  • How can I use pam_faillock to disable a particular user(s) from getting locked out after multiple unsuccessful login attempts?
  • Since faillog command (pam_tally) is not available in RHEL 6, how do I use pam_faillock instead ?
  • pam_tally counter reset does not work correctly
  • What can I use instead of pam_tally2 since it is unavailable in RHEL 8?

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9
  • PAM
  • pam_faillock.so

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content