I'm attempting to configure Debian 4.0 to lock user accounts after 3 failed login attempts. I've added: account required pam_tally.so onerr=fail deny=3 as the first non-commented line in /etc/pam.d/common-account and auth required pam_tally.so per_user magic_root onerr=fail as the first non-commented line in /etc/pam.d/common-auth. When I run faillog I get: Login Failures Maximum Latest On username 16 3 10/08/10 11:03:43 -0400 192.168.0.1 but when I try to login as username via ssh or su -, I am still able to login if I give a valid password. Is there any good resource for configuring pam_tally and faillog other than their man pages?
Thanks, Max Brustkern
