Thursday, October 29, 2015

Solaris 10 ssh lock after retires policy

Check :-

bash-3.2# cat /etc/security/policy.conf | grep LOCK_AFTER_RETRIES=NO
#LOCK_AFTER_RETRIES=NO
bash-3.2# cat /etc/security/policy.conf | grep LOCK_AFTER_RETRIES
# LOCK_AFTER_RETRIES specifies the default account locking policy for local
#LOCK_AFTER_RETRIES=NO
bash-3.2#

Apply :- 


bash-3.2# cp /etc/security/policy.conf /etc/security/policy.orig
bash-3.2#
bash-3.2#
bash-3.2# echo "LOCK_AFTER_RETRIES=YES" >>  /etc/security/policy.conf
bash-3.2#
bash-3.2# cat /etc/security/policy.conf | grep LOCK_AFTER_RETRIES
# LOCK_AFTER_RETRIES specifies the default account locking policy for local
#LOCK_AFTER_RETRIES=NO
LOCK_AFTER_RETRIES=YES

Now if you have appply the rule below, it should work .. 

bash-3.2# cat /etc/default/login | grep RETRIES
# login will wait after RETRIES failed attempts or the PAM framework returns
# RETRIES determines the number of failed logins that will be
# will be locked if failed logins equals or exceeds RETRIES.
RETRIES=5
bash-3.2#

at No comments:
Subscribe to: Posts (Atom)

Featured Post

Managing CA Certificates on Red Hat Linux 9: Understanding update-ca-trust extract

  Managing CA Certificates on RHEL9 RHEL8 OracleLinux9 OracleLinux8 In today's digital landscape, securing communications and verifying ...