tallylog

 

 


pam_tally

The login counter (tallying) module

This module maintains a count of attempted accesses, can reset count on success, can deny access if too many attempts fail.

Location

/var/log/tallylog

Package

rpm -qf /var/log/tallylog

pam-1.1.8-23.el7.x86_64

Examples

To lock the account after 4 failed logins. Root account will be locked as well !

/etc/pam.d/login

auth     required       pam_securetty.so
auth     required       pam_tally2.so deny=4 even_deny_root unlock_time=1200
auth     required       pam_env.so
auth     required       pam_unix.so
auth     required       pam_nologin.so
...