When a Linux (Ubuntu) user enters an incorrect password N times in a row to log in, the system will be automatically locked for X minutes

1. Edit the PAM configuration file

sudo vim /etc/pam.d/login

In the second line add

auth required pam_tally2.so deny=3 unlock_time=5 even_deny_root root_unlock_time=10

Parameter Introduction

even_deny_root also restricts the root user;
deny sets the maximum number of consecutive incorrect logins for common users and root users. If the maximum number is exceeded, the user will be locked out.
unlock_time sets the time after which a normal user will be unlocked after being locked, in seconds;
root_unlock_time sets the time after which the root user will be unlocked after being locked, in seconds;

insert image description here

The pam_tally2 module is used here. If pam_tally2 is not supported, you can use the pam_tally module. In addition, different pam versions may have different settings. For specific usage methods, please refer to the usage rules of related modules.

Notice

In the second line, add content. It must be written in the front . If it is written at the end, although the user is locked, as long as the user enters the correct password, he can still log in!

2. Modify the sshd file

This only restricts users from logging in from tty, but not from remote login. If you want to restrict remote login, you need to modify the sshd file.

sudo vim /etc/pam.d/sshd

Continue to add on the second line

auth required pam_tally2.so deny=3 unlock_time=5 even_deny_root root_unlock_time=10

insert image description here

View the number of failed login attempts:

sudo pam_tally2 --user

result

ubuntu@VM-0-5-ubuntu:~$ sudo pam_tally2 --user
Login Failures Latest failure From
root 3 09/29/19 15:53:24 45.119.212.105
ubuntu 9 09/29/19 15:46:58 223.107.140.84

Unlock the specified user:

sudo pam_tally2 -r -u ubuntu

ubuntu@VM-0-5-ubuntu:~$ sudo pam_tally2 -r -u ubuntu
Login Failures Latest failure From
ubuntu 15 09/29/19 15:58:49 223.107.140.84

ps: When using remote ssh, I entered the wrong password more than three times but there was no prompt. I was using Xshell and I don’t know if other terminals have prompts, but as long as the set value is exceeded, I cannot log in even if I enter the correct password ! , or wait until the set time and try to enter the correct password again for login authentication

Summarize

The above is what I introduced to you. When a Linux (Ubuntu) user enters an incorrect password N times in a row to log in, the system will be automatically locked for X minutes. I hope it will be helpful to you. If you have any questions, please leave me a message and I will reply to you in time. I would also like to thank everyone for their support of the 123WORDPRESS.COM website!
If you find this article helpful, please feel free to reprint it and please indicate the source. Thank you!

You may also be interested in:

Solve the problem of ERROR 1045 (28000): Access denied for user ''root''@''localhost'' when logging in after installing MySQL 5.7.17 on Ubuntu 16.04
Detailed explanation of the installation and login of ssh service under Ubuntu (ssh remote login)
Ubuntu 14.04 Graphical solution for forgetting user login password
A quick solution to Ubuntu 16.04's no dash, no launch bar, no menu bar, only desktop background after logging in
Ubuntu 16.04 server configuration ssh password-free login
Detailed explanation of Ubuntu 14.04 bridge network settings and SSH login
Detailed installation and configuration of SSH for remote login to Ubuntu server
Ubuntu uses the root user to log in/switch root permissions
How to set up ssh password-free login installation in Ubuntu
Complete steps to implement face recognition login in Ubuntu

<<: How to convert JavaScript array into tree structure

>>: MySQL SQL statement to find duplicate data based on one or more fields