| phn@icke-reklam.ipsec.nu 2004-12-04, 6:03 pm |
| Carol <googlemail2003@yahoo.com> wrote:
> I want to disable a user's password after they have tried
> unsuccessfully to login three times. I looked at the 'passwd' command
> and also the /etc/default/passwd file but did not find anything
> pertinent. The most I found was the ability to disconnect the session
> after three attempts. However the user can reconnect and keep trying.
> Our operating system is an antique - DC/Osx. It is similar to the OS
> on a Sieman's machine running ATT4.
> Thanks
You might seek another solution. Locking out users automatically
is a good way to create Denial of services.
Better let the intruder continue, make shure the password will
never match and start tracing him (and have the authoryties with you)
A non-working password can be obtained by adding a character to the hash,
thus disabling any matches. Changing the shell to /bin/false will also
make shure he never gets in.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
|