A topic of concern in Linux
Steve Holmes
steve at holmesgrown.com
Wed Jan 21 07:46:01 EST 2004
This is a very excellent point! I've also been looking for ways to
implement this along with expiration of passwords - in other words,
force a user to change the password after so many days. How can one
go about these things in linux? I've seen the expires value when
building user accounts but I haven't seen anything that would locak
out after so many invalid attempts. Is there anything out there
readily available or does one need to build it?
On Wed, Jan 21, 2004 at 03:02:54AM -0700, Joseph C. Lininger wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> This doesn't really apply to the root user, but another thing you can
> do which will help to increase security is to implement an account
> lockout polacy. That is, logins are disabled on an account after say,
> three invalid login attempts. The disadvantage to this is that you
> have to manually unlock an account when this happens, but this also
> means you know if someone is trying to break in to an account. Like I
> said before, though, this obviously doesn't work for root. You should
> definitely make sure your remote login software (telnet, ssh, etc.)
> disconnects users after to many invalid login attempts.
> - ---
> Joseph C. Lininger
> jbahm at pcdesk.net
--
HolmesGrown Solutions
The best solutions for the best price!
http://ld.net/?holmesgrown
More information about the Speakup
mailing list