I've recently set up my first VPS, which is running cPHulk, and cPHulk has reported several failed login attempts:
5 failed login attempts to account users@192 (mail) -- Large number of attempts from this IP: xxx.xxx.xxx.xxx
I imagine this is just a run of the mill thing, but as I'm new to server administration I don't want to ignore any potential security holes!
Good morning. For the last day or so I've been trying to trouble shoot my /etc/pam.d/system-auth file. I have new requirements to have the user accounts locked after 3 failed login attempts. I've been able to implement the changes but for some reason when I do a #passwd -S <username> the user does not show locked even though I can not login as the user.
Linux has Pluggable Authentication Modules (PAM) built-in, offering configurable authorization for Linux applications and services.. This tutorial shows how to configure PAM to monitor failed ssh login attempts on CentOS.