> > login: delay when password was typed incorrectly is security measure of the > > past > > please make this delay configurable > > The delay is not set by login, but by PAM. > It can be disabled by adding the nodelay option to the pam_unix auth module.
Ah, ok, thanks! > However, I do not recommend to use this. > A delay when a password is incorrect is a very efficient security > measure against password brute force. > I was very efficient, and with the time (and CPU resources or bandwidth > being more and more cheap for the attacker and for an attacked server) it > is more and more efficient. What about parallel logins? Folkert van Heusden -- Feeling generous? -> http://www.vanheusden.com/wishlist.php ---------------------------------------------------------------------- Phone: +31-6-41278122, PGP-key: 1F28D8AE, www.vanheusden.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
