pam_tally only for root
Thorsten Kukuk
kukuk at suse.de
Mon Jan 24 22:04:01 UTC 2005
On Mon, Jan 24, Asif Iqbal wrote:
> Hi All
>
> I am planning to use pam_tally for console login to the server. Now I
> like use it only for root account and no other user. In other words only
> for root account allow 3 try and then lock it out until someone manually
> reset it. We have system admin users who have full sudo access to do
> that. User's do not need to be tallied becasue they all use SecurID for
> authentication which has been setup to lock account after 3 fail tries.
>
> Is that possible or should I look for a different solution?
It should be possible, if you use the per_user setting and aonly
set a limit with faillog -m.
Thorsten
--
Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk at suse.de
SuSE Linux Products GmbH Maxfeldstr. 5 D-90409 Nuernberg
--------------------------------------------------------------------
Key fingerprint = A368 676B 5E1B 3E46 CFCE 2D97 F8FD 4E23 56C6 FB4B
More information about the Pam-list
mailing list