Package: libpam-modules
Version: 0.76-22

I tried to secure my ssh server with pam_tally. Pam_tally locks the account
very well, but at home, pam_tally quickly if password is true. I added in my
/etc/pam.d/ssh:


auth            required        pam_tally.so onerr=fail no_magic_root
account         required        pam_tally.so onerr=fail deny=4 reset no_magic_root

(I also use allowgroup in /etc/ssh/sshd_config)

When I comment out pam_tally's lines in /etc/pam.d/ssh, clients will
connect.

If somebody tries brute-force cracking, even if pam_tally locks the
account, he can use timing to know if the password is correct? So if root
unable the lock-account, the cracker could use it.

I am using Debian GNU/Linux 3.1, kernel 2.6.8-2-386.

PS: Sorry for my English, I am French...
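
A simplified model of the ordering question raised in the report above, added here as an example; it is not part of the original message and is not pam_tally's code. It compares what a locked account returns for a right and a wrong password when the lock is enforced in the account phase (deny= on the account line, as in the configuration above) versus before the password check. The delay value, the function names and the hardened ordering are assumptions of the model.

```python
# Simplified model of a PAM stack (constructed for illustration; not pam_tally's code).
FAIL_DELAY = 2.0   # assumed delay added when the password check fails
DENY = 4           # same threshold as deny=4 in the report

class Account:
    def __init__(self, password, failures=0):
        self.password = password
        self.failures = failures

def locked(acct):
    # Modelled as: access is denied once the tally exceeds the threshold.
    return acct.failures > DENY

def login_lock_in_account_phase(acct, attempt):
    """Lock enforced only after authentication, as with deny= on the account line."""
    acct.failures += 1                      # auth phase: tally counts the attempt
    if attempt != acct.password:            # auth phase: password check
        return ("auth", FAIL_DELAY)
    if locked(acct):                        # account phase: tally enforced here
        return ("account", 0.0)
    acct.failures = 0                       # reset on success
    return ("ok", 0.0)

def login_lock_before_password(acct, attempt):
    """Lock enforced before the password is examined (hypothetical hardened ordering)."""
    acct.failures += 1
    if locked(acct) or attempt != acct.password:
        return ("auth", FAIL_DELAY)         # one failure path for both cases
    acct.failures = 0
    return ("ok", 0.0)

def distinguishable(login):
    """True if a locked account answers differently to right and wrong passwords."""
    right = login(Account("s3cret", failures=10), "s3cret")   # constructed sample account
    wrong = login(Account("s3cret", failures=10), "guess")
    return right != wrong

if __name__ == "__main__":
    print("lock in account phase leaks:", distinguishable(login_lock_in_account_phase))
    print("lock before password leaks: ", distinguishable(login_lock_before_password))
```

In the first ordering the failing phase and the delay both differ between the two attempts, which is the signal the report asks about; in the second they are identical.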






