登录失败锁定策略配置登录超时策略禁用root远程登录脚本
[plain]
#!/bin/sh
#set up login timeout
# 60s donot do any operation,auto cancell
#
PROFILE_PATH="/etc/profile"
tmout=`cat $PROFILE_PATH | grep TMOUT`
if [ -z "$tmout" ]
then
echo "TMOUT=60" >> /etc/profile
else
sed -i 's/$tmout/TMOUT=60/' $PROFILE_PATH
fi
source $PROFILE_PATH
if [ $? -eq 0 ];then
echo "set TMOUT=60 successful!"
fi
#Locking strategies enable to a logon failure
PAM_AUTH_PATH="/etc/pam.d/system-auth"
system_auth=`cat $PAM_AUTH_PATH | grep pam_tally2.so`
content="auth required pam_tally2.so deny=10 unlock_time=300 even_deny_root root_unlock_time=300"
if [ -z "$system_auth" ]
then
sed -i "3 a{$content}" $PAM_AUTH_PATH
else
sed -i "s/$system_auth/$content/" $PAM_AUTH_PATH
fi
#Limit the root user login remotely
SSH_CONF="/etc/ssh/sshd_config"
sed -i "s/^#PermitRootLogin.*/PermitRootLogin no/" $SSH_CONF
service sshd restart
http://www.dengb.com/Linuxjc/549955.htmlwww.dengb.comtruehttp://www.dengb.com/Linuxjc/549955.htmlTechArticle登录失败锁定策略配置登录超时策略禁用root远程登录脚本 [plain] #!/bin/sh #set up login timeout # 60s donot do any operation,auto cancell # PROFILE_PATH=/etc/p...