Failed Login to Only Spit Out message after 3 Failed Tries
From: Spook (spectre_at_xtra.co.nz)
Date: 06/21/05
- Previous message: Payal: "Re: running remote commands"
- Next in thread: Spook: "Re: Failed Login to Only Spit Out message after 3 Failed Tries"
- Reply: Spook: "Re: Failed Login to Only Spit Out message after 3 Failed Tries"
- Reply: Spook: "Re: Failed Login to Only Spit Out message after 3 Failed Tries"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 21 Jun 2005 11:04:19 -0700
All,
To amend a SOXIT deficiency I wrote a script to lock out the user if
they failed 3 login attempts. I'm using OpenSsh 3.9p1 in Solaris 9
So the script I wrote scanned the /var/adm/messages file and filtered
for he date and the pattern "Failed Password". From there if it sees an
occurrence of the "Failed Password..." it locks the user out.
Unfortunately, I have come to realize that unlike telnet, the first
password failure attempt already inserts the "Failed Password..." line
in the /var/adm/mesages file.
I have tried several LOG levels but I see no different behavior.
Can anybody offer any advice how I can set sshd to only insert failed
login entries in the /var/adm/messages after the the number of retries
I have specified in the sshd_config?
Thanks in advance...
- Previous message: Payal: "Re: running remote commands"
- Next in thread: Spook: "Re: Failed Login to Only Spit Out message after 3 Failed Tries"
- Reply: Spook: "Re: Failed Login to Only Spit Out message after 3 Failed Tries"
- Reply: Spook: "Re: Failed Login to Only Spit Out message after 3 Failed Tries"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
