Date: Wed, 06 Aug 2008 08:32:47 -0500 From: Kevin Kinsey <kdk@daleco.biz> To: Khachatur Shahinyan <khachatur.shahinyan@arca.am> Cc: freebsd-questions@freebsd.org Subject: Re: Freebsd auto locking users Message-ID: <4899A7FF.50601@daleco.biz> In-Reply-To: <48993E71.9090008@arca.am> References: <48993E71.9090008@arca.am>
next in thread | previous in thread | raw e-mail | index | archive | help
Khachatur Shahinyan wrote: > Dear FreeBsd gurus, I have a problem concerning users password and > authentication policies. The goal is > 1)make freebsd to lock users after 3 unsuccessful login attempts, > 2)force users to change their passwords every 90 days > > I've done such changes in Linux distros, with various PAM modules.But in > Freebsd it seems that i need to use login.conf file. I think you want PAM in FreeBSD also. Check http://www.freebsd.org/doc/en/articles/pam/index.html > Here I made > necessary changes in that file: > >>>>>> > default:\ > ............. > ............. > ............. :login-retries=1:\ > :passwordtime=90d:\ > :warnpassword=7d:\ > :warnexpire=7d:\ > >>>>>>> > Then I made the cap_mkdb /etc/login.conf , and everything went normal, > no error messages, but after adding a test user I see no changes in the > master.passwd file. > The fields which are reserved for password aging parameters are 0:0 > test:$1$F9yf.PuK$xqIsGEgK3MexpPZ4UBav0.:1001:1001::0:0:User > &:/home/test:/bin/sh > > And the locking point does not work either, e.g. no matter how many > times I input wrong password, I'm still able to login. :( > I cannot understand what I'm doing wrong, and what should be done solve > this issues? I'm not an expert Freebsd administration, so any comments > and suggestions are welcome. Kevin Kinsey -- //GO.SYSIN DD *, DOODAH, DOODAH
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4899A7FF.50601>