Jiri Pam_Tally2 kpọchie ma kpọghee Mgbalị nbanye SSH dara

a na-eji modul pam_tally2 iji kpọchie akaụntụ onye ọrụ mgbe ụfọdụ ọnụọgụ nbanye ssh dabara na sistemụ ahụ. Modul a na-edobe ọnụ ọgụgụ nwara ịnweta yana ọtụtụ mbọ ndị dara ada.

modul pam_tally2 na-abịa n'akụkụ abụọ, otu bụ pam_tally2.so na nke ọzọ bụ pam_tally2. Ọ dabere na modul PAM ma enwere ike iji ya nyochaa ma megharịa faịlụ counter. Ọ nwere ike igosipụta ọnụọgụ nbanye onye ọrụ, tọọ ọnụ ọgụgụ n'otu n'otu, kpọghee ọnụ ọgụgụ onye ọrụ niile.

Na ndabara, pam_tally2 modul etinyelarị n'ọtụtụ nkesa Linux yana ngwugwu PAM n'onwe ya na-achịkwa ya. Edemede a na-egosi otu esi kpọchie ma kpọghee akaụntụ SSH mgbe ị nwetachara ọnụọgụ nbanye ụfọdụ dara ada.

Otu esi ekpochi ma kpọghee akaụntụ onye ọrụ

Jiri faịlụ nhazi '/etc/pam.d/password-auth' iji hazie mbọ ịbanye. Mepee faịlụ a ma tinye ahịrị nhazi AUTH na-esote ya na mmalite nke ngalaba 'auth'.

auth        required      pam_tally2.so  file=/var/log/tallylog deny=3 even_deny_root unlock_time=1200

Ọzọ, tinye ahịrị na-esonụ na ngalaba 'akaụntụ'.

account     required      pam_tally2.so

  1. file=/var/log/tallylog – A na-eji faịlụ ndekọ ndabara mee ka ọnụ ọgụgụ nbanye.
  2. deny=3 – jụ ohere ka emechara 3 wee kpọchie onye ọrụ.
  3. even_deny_root – Amụma a na-emetụtakwa onye ọrụ mgbọrọgwụ.
  4. unlock_time=1200 - A ga-akpọchi akaụntụ ruo nkeji iri abụọ. (wepụ paramita a ma ọ bụrụ na ịchọrọ igbachi kpamkpam ruo mgbe ejiri aka kpọghee ya.)

Ozugbo ịmechara nhazi nke dị n'elu, gbalịa ugbu a nwaa mbọ nbanye 3 dabara na nkesa site na iji 'aha njirimara' ọ bụla. Mgbe ịmechara ihe karịrị 3 mgbalị ị ga-enweta ozi na-esonụ.

 ssh [email 
[email 's password:
Permission denied, please try again.
[email 's password:
Permission denied, please try again.
[email 's password:
Account locked due to 4 failed logins
Account locked due to 5 failed logins
Last login: Mon Apr 22 21:21:06 2013 from 172.16.16.52

Ugbu a, nyochaa ma ọ bụ lelee counter onye ọrụ na-anwale site na iwu a.

 pam_tally2 --user=tecmint
Login           Failures  Latest    failure     From
tecmint              5    04/22/13  21:22:37    172.16.16.52

Otu esi tọgharịa ma ọ bụ kpọghee akaụntụ onye ọrụ ka ị nweta ohere ọzọ.

 pam_tally2 --user=tecmint --reset
Login           Failures  Latest    failure     From
tecmint             5     04/22/13  17:10:42    172.16.16.52

Nyochaa nbanye ma ọ bụ akpọchiela mbọ nbanye

 pam_tally2 --user=tecmint
Login           Failures   Latest   failure     From
tecmint            0

Modul PAM bụ akụkụ nke nkesa na nhazi Linux niile enyere ya kwesịrị ịrụ ọrụ na nkesa Linux niile. Mee 'man pam_tally2' site na ahịrị iwu ka ịmatakwu gbasara ya.

Gụkwuo:

  1. Ndụmọdụ 5 iji chekwaa ma chekwaa sava SSH
  2. Jiri DenyHosts gbochie mwakpo ndị SSH Brute Force