-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Hi,
> Regarding libpam_abl's shortcommings, I'm surprised that an autopurge > isn't implemented, and I'm equally surprised that it doesn't track > failed attempts on known users. I had ran some tests, albeit not > extensive, on this and I believe it recorded failed attempts for known > users. It would be relatively useless if it didn't. I was also under > the impression that it has two types of blocking, host level and user > level. By your account, host level blocking isn't working? Again, > this would be a very large detriment to the package, making it less > than useful. I feared that my explanations would be confusing :-/. From what i perceived, only the autopurge isnt't implemented / working. The recording of failed attempts on hosts and users definetly _is_ working, but as many failed login attempts are made to non-existing users, _these_ attempts are not recorderded in any way (not in hosts nor in users), because the libpam_abl module is simply not reached in the chain. But, when rethinking, this could also have other reasons on my hosts, 1) the sshd having a list of AllowedLogin users (which might be checked before pam), and 2) maybe also the order in the pam chain. In any case, my problems with the new pam_abl package should be investigated before upload :). Yours, Nico -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) iD8DBQFEIWraYm+MkvsfJ58RAzrxAKCLEJCA1nT2w8CXOlwQOgCqq6nGIgCfeMuF nfQBDAwDuXfEcQXl1kyUAzM= =dTcl -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
