Limit number of login attempts

This commit is contained in:
Bob Mottram 2016-11-29 18:10:27 +00:00
parent b8b0637e13
commit a686f2401c
1 changed files with 7 additions and 1 deletions

View File

@ -381,10 +381,16 @@ function set_max_login_tries {
max_tries=$1 max_tries=$1
if ! grep ' deny=' /etc/pam.d/common-auth; then if ! grep ' deny=' /etc/pam.d/common-auth; then
sed -i "/pam_deny.so/a auth required pam_tally2.so onerr=fail unlock_time=1800 deny=$max_tries" /etc/pam.d/common-auth sed -i "/pam_deny.so/a auth required\t\t\tpam_tally.so onerr=fail no_lock_time per_user deny=$max_tries" /etc/pam.d/common-auth
else else
sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-auth sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-auth
fi fi
if ! grep ' deny=' /etc/pam.d/common-account; then
sed -i '/pam_deny.so/a account required\t\t\tpam_tally.so' /etc/pam.d/common-account
else
sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-account
fi
} }
function setup_firewall { function setup_firewall {