Solved

OpenBSD lockout user after failed login attempts

Posted on 2004-10-19
5
507 Views
Last Modified: 2010-05-18
Is it possible to configure OpenBSD to lock out a user after several failed login attempts?  If yes how.
0
Comment
Question by:howardsx5
5 Comments
 
LVL 5

Expert Comment

by:paranoidcookie
ID: 12350241
Not so familiar with openBSD try asking in UNIX channel

There might be an option in one of

/etc/security/limits.conf

/etc/limits 
0
 
LVL 2

Accepted Solution

by:
ITG-SSNA earned 500 total points
ID: 12364455
Check the /etc/login.conf

login-backoff     number     3            After login-backoff unsuccess-
                                               ful login attempts during a
                                               single session, login(1) will
                                               start sleeping a bit in between
                                               attempts.


LOGIN.CONF(5)             OpenBSD Programmer's Manual            LOGIN.CONF(5)



NAME
     login.conf - login class capability database



SYNOPSIS
     /etc/login.conf



DESCRIPTION
     The login.conf file describes the various attributes of login classes.  A
     login class determines what styles of authentication are available as
     well as session resource limits and environment setup.  While designed
     primarily for the login(1) program, it is also used by other programs,
     e.g., ftpd(8), to determine what means of authentication are available.
     It is also used by programs, e.g., rshd(8), which need to set up a user
     environment.

     A special record, ``default'', in /etc/login.conf is used for any user
     without a valid login class in /etc/master.passwd.

     Sites with very large /etc/login.conf files may wish to create a database
     version of the file, /etc/login.conf.db, for improved performance.  Using
     a database version for small files does not result in a performance im-
     provement.  To build /etc/login.conf.db from /etc/login.conf the follow-
     ing command may be used:

           # cap_mkdb /etc/login.conf

     Note that cap_mkdb(1) must be run after each edit of /etc/login.conf to
     keep the database version in sync with the plain file.


0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question