Vladimir A. Pavlov wrote these words on 07/04/06 12:52 CST: > On, Monday 03 July 2006 23:15 Randy McMurchy wrote: >> You should not be using login.defs to handle >> login retries. It should be configured through PAM. Specifically, >> it should be configured via the pam_tally module. > > I looked through pam_tally (and other PAM modules) documentation and > found nothing concerning how to set the retries number.
Then you didn't look very hard. :-( http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.24 Pay special attention to the deny=N option. It works perfect for me. What exactly is not working when you use it? It may not specifically say "retries", but to me the excerpt below is synonymous. "The deny=n option is used to deny access if tally for this user exceeds n." Isn't that *exactly* the same as "retries"? -- Randy rmlscsi: [bogomips 1003.27] [GNU ld version 2.16.1] [gcc (GCC) 4.0.3] [GNU C Library stable release version 2.3.6] [Linux 2.6.14.3 i686] 13:04:00 up 53 days, 5:04, 1 user, load average: 1.36, 0.53, 0.29 -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
