cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Trevor
Commander Commander
Commander
‎04-20-2025 06:25 PM
  • 965 Views

Failed Login Attempts

Where do I configure the max number of login attempts by a user, so that when that number is exceeded, the user account is locked?  Is there a single command I use?  Is there some file that I have to edit/modify?

Trevor "Red Hat Evangelist" Chandler
Labels (3)
Labels
Join the discussion
4 Replies
Blue_bird
Starfighter Starfighter
Starfighter
‎04-21-2025 07:35 AM
  • 934 Views

The user account faillock options should be stored in/etc/security/faillock.conf:

deny=4
unlock_time=1200
silent

Thanks

Trevor
Commander Commander
Commander
‎04-22-2025 03:14 AM
  • 870 Views

Thanks Blue_bird!!

Trevor "Red Hat Evangelist" Chandler
0 Kudos
Chetan_Tiwary_
Community Manager
Community Manager
‎04-21-2025 08:17 PM
  • 890 Views

@Trevor If you have RHEL 7 , you can use this command : 

authconfig --enablefaillock --faillockargs="deny=6 unlock_time=1200" --update

or choose to include pam_faillock in /etc/pam.d/system-auth and /etc/pam.d/password-auth  ( refer : https://access.redhat.com/solutions/7002274 ).

 

otherwise for RHEL 8 & 9 use as mentioned by @Blue_bird :

/etc/security/faillock.conf :

deny=4
unlock_time=1200
silent
Trevor
Commander Commander
Commander
‎04-22-2025 03:17 AM
  • 870 Views

Thanks Chetan for taking me back down memory lane, with how to get things done in RHEL 7.  I've consulted with the judges, and they say, the RHEL 9.X solution it is!!!

 

Trevor "Red Hat Evangelist" Chandler
0 Kudos
Join the discussion
You must log in to join this conversation.
Red Hat Learning Community

Red Hat

Learning Community

A collaborative learning environment, enabling open source skill development.

Red Hat Inc. Copyright @ 2025 Red Hat Privacy statement Terms of service Community Guidelines