Differences between version 7 and previous revision of pam_tally(8).
Newer page: | version 7 | Last edited on Friday, August 18, 2006 12:14:21 am | by AristotlePagaltzis |
Older page: | version 6 | Last edited on Thursday, August 17, 2006 4:36:22 am | by TomGreen |
@@ -1,19 +1,12 @@
-The pam_tally.so PAM module is
intended to denying
further authentication attempts after a given count of failed authentications.
-pam_tally is the maintenance program for pam_tally.so: it can list and reset the accumulated counts
.
+The maintenance program for <tt>
pam_tally.so</tt>. [pam_tally | http://www.baverstock.org.uk/tim/pam/] is a [
PAM]
module intended to deny
further authentication attempts after a given count of failed authentications.
-The
pam_tally project homepage is here:
-http:
//www.baverstock.org.uk
/tim/pam
/
+pam_tally(8) can list and reset the accumulated counts. Note that this only uses a local file (defaults to <tt>
/var
/adm
/faillog<
/tt>) and has no facility to use [LDAP] or similar systems to combine results from several machines (or a cluster).
-Note that this only uses a local file (defaults to /var/adm/faillog) and has no facility to use LDAP or similar systems to combine results from several machines (or a cluster).
-
-
pam_tally provides a subset of the functionality of pam_abl (
http://www.hexten.net/pam_abl/)
, but where pam_tally simply counts failing usernames, pam_abl allows for:
-
--
counting failing hosts as well as usernames (my logs show the same attacking hostnames trying lots of different usernames rather than the other way round)
-
--
configurable time-based failures (e.g. record a failure if the user or host fails 5 times in an hour or 10 in a day)
-
--
configurable time-based auto-purging of failure database
+pam_tally provides a subset of the functionality of [
pam_abl |
http://www.hexten.net/pam_abl/]
, but where pam_tally simply counts failing usernames, pam_abl allows for:
+*
counting failing hosts as well as usernames (my logs show the same attacking hostnames trying lots of different usernames rather than the other way round)
+*
configurable time-based failures (e.g. record a failure if the user or host fails 5 times in an hour or 10 in a day)
+*
configurable time-based auto-purging of failure database
On the other hand, pam_abl seems to have 2 issues at the moment:
-1.
some users (including me
) report failures not being recorded in database (fixed in current CVS from sourceforge
)
-2.
an issue with OpenSSH where failures don't seem to be recorded (more details here:
http://sourceforge.net/tracker/?group_id=148927&atid=773100)
+*
some users (including TomGreen
) report failures not being recorded in database (fixed in current [
CVS]
from SourceForge
)
+*
an issue with OpenSSH [
where failures don't seem to be recorded |
http://sourceforge.net/tracker/?group_id=148927&atid=773100]
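Review bot: The new opening paragraph blurs the module and the maintenance program, which the removed text kept apart. It starts with a verbless fragment ("The maintenance program for pam_tally.so.") and then calls the linked pam_tally "a PAM module intended to deny further authentication attempts", while the next added paragraph says pam_tally(8) lists and resets the counts. A reader setting up lockout needs to know which piece enforces the limit (pam_tally.so) and which one inspects or clears the counters (pam_tally), so I would restore the two-sentence form from the removed lines and keep the homepage link on the module. Attribution is also inconsistent after this edit: "including me" became "including TomGreen" in the pam_abl issue list, but the first bullet still says "my logs show" with no name attached, so either name the observer there too or reword it impersonally.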