UNIX login attempt restriction

UNIX login attempt restriction

Post by Brian S Hile » Thu, 02 Nov 1995 04:00:00

: If a enter a invalid login name and password, the system continuously asks
: for my username.

: I'm logging in via a modem to a Motorola host running System 5 Rel 3 using ksh.

: I know on other systems you get 3 chances and then your forced out.

: How can I get the host to force me out after 3 attempts ?

: Thanks,
: David Ballarin.

: Telstra Australia

Motorola, OK, but which UN*X version? (Almost) modern UN*X computers
have a "login" binary (/etc/login, that is) that will allow configuration
to some extent. On my system (SGI IRIX 5.3) the file /etc/defaults/login
can have a field MAXTRYS (=3 by default) to set this.

So.... man "login"


1. Root login restrictions, without complete su restriction?

I'm trying to help a client beef up the previously lax security on their
AIX 4.1.4 system, and what I'd like to be able to do is something that
other UNIX operating systems allow, and I'm just having a bit of trouble
figuring out how to implement it on AIX.

I'd like to restrict anyone from logging in directly as "root" on all
terminals except for the console, but allow users in the "system" group
to "su" to root.  I've got this working with "rlogin" and "telnet" by
disallowing remote logins in root's security characteristics, but as
far as I've been able to figure out so far, restricting the terminals
is essentially an all-or-nothing proposition.

If I restrict root to "/dev/tty0", the console, not only can I not log
in as root anywhere else, but I also can't "su" to root, even though
I'm in the system group.

Is there some way to prevent a direct login as root, but still allow
"su" by authorized users?  Is there some concept of an "unsecure"

Thanks for any suggestions!

        -Mike Pelletier.

2. router accounting via ipchains

3. New Login Prompt after Login Attempt HELP!!!

4. NameServer Caching

5. ssh login restriction

6. I need some Iptables usage advice

7. NIS-Server login restriction

8. Red Hat 4.0 won't let me login

9. Breaking the login restriction

10. Login Restriction Problem, Pls help

11. RADIUS Server--Sun Directory Services 3.1--Restriction of multiple logins with same userid

12. login name restrictions

13. Access control in Apache: how to combine domain restriction and login access?