[BlueOnyx:16893] Re: dfix2 and shell users
Greg Kuhnert
gkuhnert at compassnetworks.com.au
Fri Jan 23 03:52:20 -05 2015
Hi Brian…
> On 23 Jan 2015, at 4:35 pm, Michael Stauber <mstauber at blueonyx.it> wrote:
>
> Hi Brian,
>
>> Has anyone seen recent issues where dfix2 is installed, a user with a
>> few bad ssh auths has happened, and that user is blocked even though
>> in the BX UI all statuses for Security and that user were in essence
>> "flagged as user with failed logins, but still green". But ssh logins
>> were actually being blocked for that user?
>
> Dfix2 and pam_abl are two separate mechanisms. Hence blocks by Dfix2
> won't show up in the GUI's pam_abl user list.
Just to elaborate on Michael’s comments - dfix2 is fairly aggressive. It does not use the same thresholds that are in the gui. These things can be tweaked if needed in configuration. Give me a buzz off list if you need to tweak.
GK
More information about the Blueonyx
mailing list