[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pause on bad password

To: Pluggable Authentication Modules <pam-list@xxxxxxxxxx>
Subject: Re: pause on bad password
From: Darren Tucker <dtucker@xxxxxxxxxx>
Date: Fri, 18 Jun 2004 14:22:35 +1000
In-reply-to: <20040617144154.GA5873@cs.wisc.edu>
Reply-to: Pluggable Authentication Modules <pam-list@xxxxxxxxxx>
Sender: pam-list-bounces@xxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040608

Will McDonald wrote:

The default behavior of pam_unix_auth.so (on Linux) is to sleep for a couple
of seconds if the user enters a bad password to prevent brute force attacks. I
haven't been able to find anything on the web about this, but is there an
option to turn this behavior off (or an equivalent module that doesn't do it)?

pam_unix.so has a no "nodelay" option, try that.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.


_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

Follow-Ups:
- Re: pause on bad password
  - From: Will McDonald

References:
- pause on bad password
  - From: Will McDonald

Prev by Date: pause on bad password
Next by Date: Re: pause on bad password
Previous by thread: pause on bad password
Next by thread: Re: pause on bad password
Index(es):
- Date
- Thread

[Home] [Kernel List] [Red Hat Install] [Linux for the blind] [Red Hat Watch List] [Gimp] [Kerberos: The Definitive Guide]

Add to Google

Powered by Linux