Solved

OpenBSD lockout user after failed login attempts

Posted on 2004-10-19
5
502 Views
Last Modified: 2010-05-18
Is it possible to configure OpenBSD to lock out a user after several failed login attempts?  If yes how.
0
Comment
Question by:howardsx5
5 Comments
 
LVL 5

Expert Comment

by:paranoidcookie
ID: 12350241
Not so familiar with openBSD try asking in UNIX channel

There might be an option in one of

/etc/security/limits.conf

/etc/limits 
0
 
LVL 2

Accepted Solution

by:
ITG-SSNA earned 500 total points
ID: 12364455
Check the /etc/login.conf

login-backoff     number     3            After login-backoff unsuccess-
                                               ful login attempts during a
                                               single session, login(1) will
                                               start sleeping a bit in between
                                               attempts.


LOGIN.CONF(5)             OpenBSD Programmer's Manual            LOGIN.CONF(5)



NAME
     login.conf - login class capability database



SYNOPSIS
     /etc/login.conf



DESCRIPTION
     The login.conf file describes the various attributes of login classes.  A
     login class determines what styles of authentication are available as
     well as session resource limits and environment setup.  While designed
     primarily for the login(1) program, it is also used by other programs,
     e.g., ftpd(8), to determine what means of authentication are available.
     It is also used by programs, e.g., rshd(8), which need to set up a user
     environment.

     A special record, ``default'', in /etc/login.conf is used for any user
     without a valid login class in /etc/master.passwd.

     Sites with very large /etc/login.conf files may wish to create a database
     version of the file, /etc/login.conf.db, for improved performance.  Using
     a database version for small files does not result in a performance im-
     provement.  To build /etc/login.conf.db from /etc/login.conf the follow-
     ing command may be used:

           # cap_mkdb /etc/login.conf

     Note that cap_mkdb(1) must be run after each edit of /etc/login.conf to
     keep the database version in sync with the plain file.


0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
Fine Tune your automatic Updates for Ubuntu / Debian
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now