pam_tally not working properly

Discussion in 'Installation/Configuration' started by clar, Apr 25, 2006.

  1. clar

    clar New Member

    Hi, i had recently installed installed pam_0.79 on suse 8.2. The system default
    version was pam o.77-38. The reason i upgrade to 0.79 is because it has "unlock
    _time" function in the Therefore i added the following line to my
    /etc/pam.d/login file:

    auth required deny=2 unlock_time=20

    It works fine except on my very first successful login attempt, it prompt that i
    had 1 failure login previously. If i had 1 failed login, it will reflect 2 fail
    ed login instead and so on. After i checked my /var/log/messages, it prompt that
    "tally underflowed". However, if i add a magic_root to the line:

    auth required deny=2 unlock_time=20 magic_root

    the number of failed login becomes correct. However, the denying mechanism fails
    . It won't deny me after 2 failed login anymore. That is to say, even i login 20
    times with the wrong password on the same account, I am still able to login on
    the next suceessful attempt.

    Therefore below are the few questions I hope you may help me solve my queries:
    1. Can I just download and install pam_0.79 on my suse 8.2 machine
    2. Will it be compatible on Suse 8 or I had to uninstall my pam_0.77-38
    3. Is my login file written correctly
    4. Any idea where has gone wrong

    Thank you for assisting me
  2. falko

    falko Super Moderator Howtoforge Staff

    Are you talking about SSH logins, FTP, ...?
  3. clar

    clar New Member

    I had done testing through tty and also telneting from another host. but they gave me the same result. No, i have yet use ftp. But i believe it will all be the same as the authentication is process at /etc/pam.d/login
  4. falko

    falko Super Moderator Howtoforge Staff

    Can you try with SSH or FTP?

Share This Page