From: Mr Rene Occelli (
Date: Mon Oct 07 1996 - 10:06:10 CDT


> I'm running 4.1.3
> I have problems with undesirable logins.
> My questions:
> a) How can I modify the login shell to control logging
> (example: 3 max retries)
> b) How can I redirect messages on successive logging failures into a file
> and not onto the console
> c) How can I disable logging for specific hosts

Thanks to:
Erin Copeland <> (Edgar Der-Danieliantz @ Armenia NIC)
james mularadelis <>
Tomasz Papszun <>
Phil Burg <>

I) The consensus is to use tcp_wrappers and log_daemon programs by
        Wietse Venema (

It can be found at:

--logdaemon has programs that replace telnetd, rlogind, ftpd, and support
skey. It lets you do a lot of creative logging, disabling logins, etc.
(access restrictions are controlled by the file /etc/login.access)
(users whose names appear in an /etc/ftpusers file are ftp disabled)

--tcp_wrappers "wrap" tcp daemons and block access to them according
to a configuration you define. You can create /etc/hosts.deny and
/etc/hosts.allow files which can set up restrictions on the access
to the daemons.
Install in mode "easy" is easy. The doc in tcp_wrapper is well

II) Special topics

--- james mularadelis <> uses the tcsh shell.
On login the .cshrc and .login files which reside in /etc are run first
(before the users') and can be used to restrict access.

---On Solaris (but not on SunOS) a loginlog file can exist (loginlog(4))
(/var/adm/loginlog) (you have to create it) in which a record of failed
logins is written after 5 unsuccessful login attempts.

---To redirect messages on successive logging failures into a file
and not onto the console, you have to modify the /etc/syslog.conf file

auth.* /name/of/file/you/want/logged/to

+ Rene OCCELLI +
+ I.U.S.T.I. C.N.R.S. U.M.R. 139 +
+ Av. Esc. Normandie Niemen +
+ 13397 MARSEILLE Cedex 20 France +
+ Tel: (33)91 28 82 08 +
+ Fax: (33)91 28 82 25 +
+ Email: +
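
Added example, not part of the original message and not code from tcp_wrappers: a simplified Python model of how the /etc/hosts.allow and /etc/hosts.deny files mentioned above are evaluated (allow is checked first, then deny, otherwise access is granted, as documented in hosts_access(5)). The rules, daemon names, hostnames and addresses are constructed samples, and only the ALL wildcard, ".domain" suffixes, "a.b.c." address prefixes and exact matches are modelled.

```python
# Simplified model of the tcp_wrappers decision order (hosts_access(5)).
# Assumption: only daemon lists, ALL, ".domain" suffixes, "a.b.c." address
# prefixes and exact names/addresses are handled; no EXCEPT, no netmasks.

# Constructed sample rules, not taken from the original message.
HOSTS_ALLOW = """
# /etc/hosts.allow
in.telnetd, in.rlogind: .example.org 192.0.2.
"""
HOSTS_DENY = """
# /etc/hosts.deny
ALL: badhost.example.net
in.telnetd, in.rlogind: ALL
"""

def parse_rules(text):
    """Return a list of (daemon_list, client_pattern_list) tuples."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, host, addr):
    if pattern == "ALL":
        return True
    if pattern.startswith("."):          # hostname suffix, e.g. .example.org
        return host.lower().endswith(pattern.lower())
    if pattern.endswith("."):            # address prefix, e.g. 192.0.2.
        return addr.startswith(pattern)
    return pattern.lower() == host.lower() or pattern == addr

def rule_hit(rules, daemon, host, addr):
    return any(("ALL" in daemons or daemon in daemons)
               and any(client_matches(p, host, addr) for p in clients)
               for daemons, clients in rules)

def access_granted(daemon, host, addr, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    if rule_hit(parse_rules(allow), daemon, host, addr):
        return True                      # 1. a match in hosts.allow grants
    if rule_hit(parse_rules(deny), daemon, host, addr):
        return False                     # 2. else a match in hosts.deny refuses
    return True                          # 3. else access is granted
```

With these sample rules, telnet and rlogin are limited to one domain and one network, one host is refused for every wrapped daemon, and any other daemon stays open to everyone else because no rule matches it.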
