Jonathan Oksman wrote these words on 03/23/07 12:35 CST: > The problem with this configuration is that it allows users to brute > force for usernames at the login prompt. The breakdown is like this: > > - user enters an incorrect name > - pam_securetty.so fails to validate the username, and returns > incomplete. since it is a requisite, login fails right here. > > The way to make login behave as it did before installing PAM would be to > make the following configuration:
This is a great idea. I just tested it using my pam.d/login file and it works as you suggest. I'll create the ticket right now. Thanks for the tip, Jonathan. -- Randy rmlscsi: [bogomips 1003.28] [GNU ld version 2.16.1] [gcc (GCC) 4.0.3] [GNU C Library stable release version 2.3.6] [Linux 2.6.14.3 i686] 12:57:00 up 14 days, 10:56, 1 user, load average: 0.01, 0.07, 0.05 -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
