How to use SSH with Failed Login attempts and locking accounts
Hughes Andy
Andy.Hughes at HCAHealthcare.com
Wed Jul 12 06:50:22 EST 2006
I have searched the FAQ's and have not seen an answer to this question.
I have also read the manuals for the SSH and have not found an answer to
this issue.
My question is this:
I am using openssh (OpenSSH_4.2p1, OpenSSL 0.9.8 05 Jul 2005) on MP-RAS
Version 3.3.1.8 and 3.2 and I desire to allow a user to fail login for
any reason only 3 (three) times and then lock the account. I can use
the option of FAILLIMIT=3 in the /etc/default/login file for telnet
sessions, and this will lock the account after three failed login
attempts by the user. But this does not work for SSH. I have also
placed the same option in the file of /etc/default/login.openssh with no
such luck.
I have researched, googled and ran other internet searches for
this topic and have yet to find any answer. Could someone help me with
this. It is an audit requirement here, to start locking an account when
the user fails the login process, for any reason, after three attempts.
Any help is appreciated. Thanks in advance for the help.
Andy Hughes
Systems Programmer
Unix Systems
HCA Information Technology & Services
2555 Park Plaza
Bldg 4 - 2 East
Nashville, Tn. 37203-1512
t: 615-344-6961
f: 615-344-8384
p: 615-733-7562
pager(interactive): andy.hughes at my2way.com
e: andy.hughes at hcahealthcare.com
w: www.hcahealthcare.com
More information about the openssh-unix-dev
mailing list