pam_tally2 for login attempts tracking on Ubuntu, follow these steps:
- Open the PAM configuration file /etc/pam.d/common-auth with a text editor such as nano:sudo nano /etc/pam.d/common-auth
- Add the following line at the beginning of the file to enable pam_tally2:auth required pam_tally2.so
- Configure the behavior of pam_tally2 by adding the following options to the end of the line added in step 2:deny=3 unlock_time=1200
deny=3: After 3 failed login attempts, the user account will be locked and further login attempts will be denied.unlock_time=1200: The user account will be automatically unlocked after 1200 seconds (20 minutes).You can adjust these values to suit your needs.
- Save and close the file.
After making these changes,
pam_tally2 will track failed login attempts and lock user accounts after a certain number of attempts. You can view the current status of locked user accounts by running the following command:
sudo pam_tally2 --user <username>
<username> with the username of the user you want to check. This command will show the number of failed login attempts and whether the account is currently locked.