Hi, i had recently installed installed pam_0.79 on suse 8.2. The system default version was pam o.77-38. The reason i upgrade to 0.79 is because it has "unlock _time" function in the pam_tally.so. Therefore i added the following line to my /etc/pam.d/login file: auth required pam_tally.so deny=2 unlock_time=20 It works fine except on my very first successful login attempt, it prompt that i had 1 failure login previously. If i had 1 failed login, it will reflect 2 fail ed login instead and so on. After i checked my /var/log/messages, it prompt that "tally underflowed". However, if i add a magic_root to the line: auth required pam_tally.so deny=2 unlock_time=20 magic_root the number of failed login becomes correct. However, the denying mechanism fails . It won't deny me after 2 failed login anymore. That is to say, even i login 20 times with the wrong password on the same account, I am still able to login on the next suceessful attempt. Therefore below are the few questions I hope you may help me solve my queries: 1. Can I just download and install pam_0.79 on my suse 8.2 machine 2. Will it be compatible on Suse 8 or I had to uninstall my pam_0.77-38 3. Is my login file written correctly 4. Any idea where has gone wrong Thank you for assisting me
I had done testing through tty and also telneting from another host. but they gave me the same result. No, i have yet use ftp. But i believe it will all be the same as the authentication is process at /etc/pam.d/login