Welcome to the Linux Foundation Forum!

Errors in Lab 33.1

4. Check to see how many failed logins there are for the user.

Solution given:


$ sudo pam_tally2

But I believe it should be:


$ sudo pam_tally2 -u student

 

6. Check again to see how many failed logins there are.

Solution given:


$ sudo pam_tally2 -u student -r

But It should just be again:


$ sudo pam_tally2 -u student

 

Comments

  • luisviveropena
    luisviveropena Posts: 1,142

    Hi Carlo,

    What distro and version are you using?

    Regards,

    Luis.

  • CarloMartini
    CarloMartini Posts: 16
    edited July 2018

    Latest Fedora.

  • luisviveropena
    luisviveropena Posts: 1,142
    edited July 2018

    Hi Carlo,

    I was unable to try it on Fedora, but I did a test on CenOS 7 and it looks like the results may be very similar.

    sudo pam_tally2 will show all the incidences, so it will show the failures for 'student' user and any others. But you are right, it should be '-u student', because it's asking about the specific user. And item 6 is bad and it should be the same command to ask for the specific 'student' user.

    I'm going to report it, so we can fix it for a new version of the course.

    Regards,

    Luis.

  • jengel
    jengel Posts: 41

    FYI In Ubuntu 16.04, default install the user do not get the "Account locked due to 3 failed logins" message nor the "There were 6 failed login attempts since the last successful login." Account is successfully logged and tally is correctly logged.

    To get the "Account locked ..." message one will need to enable challengeresponseauthentication in sshd config.

  • coop
    coop Posts: 915

    As Luis has noted this has been changed in the next version of this course, date TBA but not immediately (we cannot make even a small change without changing the entire course, there is no real time editing in this platform, so we do it something like quarterly) Are you saying Luis' prescription does not work? Also since things are moving to Ubuntu 18.04 in the real world and for sure in the exams "soon" it is more important than 16.04, not that we don't want things to work with 16.04

  • jengel
    jengel Posts: 41

    No What Luis is correcting is good. I didn't want to open a new post but thought I'd share here (assuming people who run into the issue may search the forums and come across my FYI.)

    For reasons you mentioned + making the change I suggested breaking something else, I would say (if it is not fixed 18.04) best option would be to maybe just put a note in the lab to say Ubuntu users may not get the expected error messages. Similar to what you did for the su/rbash bug in the previous lab.

    Other than the messages the lab works fine.

  • coop
    coop Posts: 915

    I let Luis handle these security (and other) issues generally. He is a real top tier Enterprise Sys Admin. I only pretend to know system admin, I'm really a scientist turned developer who has learned no more sys admin that I need over the decades. I've never actually earned a living as an Admin or Architect.

  • Hi jengel,

    There are some few things that changes from one distro to another (also between versions of the same distro) so it's a kind of difficult thing to cover more than one version of a particular distro. And as coop mentioned, we are moving to Ubuntu 18.04.

    Regards,
    Luis.

Categories

Upcoming Training