Good day. I have setup hardening the password (test system so far) prior to doing any work on production. Here is what I have set.
Snippet from /etc/pam.d/system-auth
auth required /lib/security/$ISA/pam_env.so
auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
account required /lib/security/$ISA/pam_unix.so
account required /lib/security/$ISA/pam_tally.so per_user deny=3 reset no_magic_root
The system is auto-locking the accounts as requested. However, it is giving no notifications to client. This is happening for console, ssh, and xorg login's.
I attempted to fix up sshd with modifying these settings in /etc/ssh/sshd_config:
PasswordAuthentication no
ChallengeResponseAuthentication yes
Then restarting the sshd daemon with:
service sshd restart
No difference.
Any suggestions ?