pam_tally not working.

Hello,

I have a problem with PAM_TALLY2 on RED HAT 6.

The facts (set):

cat /etc/pam.d/system-auth | grep -i tally2
auth        required      pam_tally2.so onerr=fail deny=5 file=/var/log/faillog
account     required      pam_tally2.so reset

cat /etc/pam.d/sshd  | grep -i tally2
auth        required      pam_tally2.so onerr=fail deny=3 file=/var/log/faillog
account     required      pam_tally2.so

The main problem is that, for my users who reach the failed login count, I cannot reset their failed logins.

The pam_tally2 shows
pam_tally2 --reset=0 -u <user>
Login Failures Latest failure From
user 0

After the reset, the failed logs are not deleted, they just keep increasing.

Please help! Any ideas?

---------- Post updated at 03:05 PM ---------- Previous update was at 11:07 AM ----------

Mar 5 20:55:51 <server> sudo: pam_unix(sudo:auth): conversation failed
Mar 5 20:55:51 <server> sudo: pam_unix(sudo:auth): auth could not identify password for [user]


This output is what I would expect when resetting a user:

pam_tally2 -r -u <user>
Login Failures Latest failure From
user 0

You appear to be getting similar output.

What specific "failed logs" are you talking about?

Hi fpmurphy,

Yes, I got this output when I tried to reset my user.

But my failed login count has not been deleted; it just keeps increasing.

I cannot delete my failed login count, because the server told me the faillog command does not exist.