3 thoughts on - Lock Out Account After 3 Failures

  • We use pam_tally2 for this, and it works well. There is a pam_tally2
    executable that you can run to look at what accounts are locked and how many failures, as well as reset the lockout.


    Jonathan Billings

  • HI all – its sorted. what I found is imperative is that the tally2 line MUST be the secoind lne in the system-auth and password-auth files, after the “env.so” line all good ian

    From: Gordon Messmer
    To: CentOS mailing list
    Sent: Friday, 17 March 2017, 17:15
    Subject: Re: [CentOS] lock out account after 3 failures

    Can you send the /etc/pam.d/system-auth that you used for your test?