Faillog Reset All User Failed Login Attempt Record Instead of Single User
In my previous post I talked about How to Configure SLES Linux to track and log failed login attempt records. One of Planet Malaysia Blog reader sent me an email asked me for help regarding an issue “faillog command reset all user failed login attempt record instead of single user on Linux“.
After checked and I found out the issue because of faillog option:
Reset all user failed login attempt record
#faillog -r -u user1
Only reset username: user1
#faillog -u user1 -r
So basically “faillog -u username -r” is the correct option to reset faillog for single user.
Possibly Related Posts:
- How to add Dell PERC Drivers into VMware Converter Cold Clone ISO
- Top 10 Free Anti Virus
- Microsoft SQL 2008 Agent not starts
- VMware Workstation 7 Serial Key
- WP Contact Form III – You do not have sufficient permissions to access this page Error
SLED and SLES 11 Beta Testing Opportunity
Act Now!
Beta Testing Opportunity: SLED/SLES 11
The Novell Beta Program is accepting applications to beta test SUSE Linux Enterprise software.
The beta testing will run from September until February. If you are interested in applying for the beta, complete an application:
All applications must be submitted by Sunday, September 7.
Basically you’re required to fill in a survey and enter your detail for further approval.
Possibly Related Posts:
- MSC Malaysia Fully Sponsored 3D Animation Course
- 2009 Metrics
- lppasswd: Unable to open passwd file: Permission denied
- Missing /var/log/lastlog
- Happy Deepavali 2009
Using Active Directory for SuSE Linux 10 Authentication
My previous post about How to Authenticate to Active Directory on SuSE Linux 9 & How to join Fedora Core 6 Samba Server to Windows 2003 Active Directory talked about using Microsoft Active Directory(AD) for Linux authentication. Yes! Linux & Microsoft can be friends.
Now we talk about SuSE Linux 10 and Microsoft AD authentication.
Basically everything are same as SLES 9 except PAM configurations.
Note: The setup running on SLES10 SP2 (It should be work on SP1)
Below are PAM configuration for SLES10:
/etc/pam.d/common-password
password sufficient pam_winbind.so
password required pam_pwcheck.so nullok
password required pam_unix2.so nullok use_authtok
/etc/pam.d/common-account
account required pam_unix2.so
/etc/pam.d/common-session
session optional pam_mkhomedir.so
session required pam_limits.so
session required pam_unix2.so
/etc/pam.d/common-auth
auth required pam_env.so
auth required pam_unix2.so
/etc/pam.d/passwd
auth include common-auth
account include common-account
password include common-password
session include common-session
/etc/pam.d/sshd
auth include common-auth
auth required pam_nologin.so
account include common-account
password include common-password
session include common-session
/etc/pam.d/login
auth required pam_securetty.so
auth include common-auth
auth required pam_nologin.so
account include common-account
password include common-password
session include common-session
session required pam_lastlog.so nowtmp
session required pam_resmgr.so
session optional pam_mail.so standard
/etc/pam.d/su
auth sufficient pam_rootok.so
auth include common-auth
account include common-account
password include common-password
session include common-session
session optional pam_xauth.so
/etc/pam.d/sudo
auth include common-auth
account include common-account
password include common-password
session include common-session
/etc/security/pam_unix2.conf
auth: call_modules=winbind
account: call_modules=winbind
password: call_modules=winbind
session: none
Possibly Related Posts:
- How to add Dell PERC Drivers into VMware Converter Cold Clone ISO
- Top 10 Free Anti Virus
- How to Install Webmin on OpenFiler
- Microsoft SQL 2008 Agent not starts
- VMware Workstation 7 Serial Key
How to DENY SSH access for certain user on Linux
Due to some security reason, you may require to block certain user SSH access to Linux box.
Edit the sshd_config file, the location will sometimes be different depend on Linux distribution, but it’s usually in /etc/ssh/.
Open the file up while logged on as root:
vi /etc/ssh/sshd_config
Insert a line:
DenyUsers username1 username2 username3 username4
Referring to #man sshd_config:
DenyUsers
separated by spaces. Login is disallowed for user names that
match one of the patterns. â*â and â?â can be used as wildcards
in the patterns. Only user names are valid; a numerical user ID
is not recognized. By default, login is allowed for all users.
If the pattern takes the form USER@HOST then USER and HOST are
separately checked, restricting logins to particular users from
particular hosts.
Save it and restart SSH services. Basically username1, username2, username3 & username4 SSH login is disallowed.
Read more
Possibly Related Posts:
- How to add Dell PERC Drivers into VMware Converter Cold Clone ISO
- Top 10 Free Anti Virus
- How to Install Webmin on OpenFiler
- Microsoft SQL 2008 Agent not starts
- VMware Workstation 7 Serial Key
How To Disable ipv6 on SuSE Linux
For some strange reason, ipv6 is switched ON by default in SuSE Linux.
To check whether you are currently running ipv6, run the following command as root:
ifconfig
eth0 Link encap:Ethernet HWaddr 00:0F:1F:89:8F:D5
inet addr:192.168.1.100 Bcast:140.171.243.255 Mask:255.255.254.0
inet6 addr: fe80::20f:1fff:fe89:8fd5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:33386388 errors:0 dropped:0 overruns:0 frame:0
TX packets:2947979 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2211978470 (2109.5 Mb) TX bytes:380978644 (363.3 Mb)
Base address:0xdf40 Memory:feae0000-feb00000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:895 errors:0 dropped:0 overruns:0 frame:0
TX packets:895 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:76527 (74.7 Kb) TX bytes:76527 (74.7 Kb)
If you have lines containing inet6 as above, then your machine IS running ipv6.
How to disbling ipv6 on SuSE Linux
To disable ipv6 completely, run the following commands as root:
# echo “alias net-pf-10 off” >> /etc/modprobe.conf.local
# echo “alias ipv6 off” >> /etc/modprobe.conf.local
Restart the machine.
Read more
Possibly Related Posts:
- How to add Dell PERC Drivers into VMware Converter Cold Clone ISO
- Top 10 Free Anti Virus
- How to Install Webmin on OpenFiler
- Microsoft SQL 2008 Agent not starts
- VMware Workstation 7 Serial Key