-
Title
What does pam_tally do? -
Description
This knowledge article is a brief description about pam_tally or pam_tally2
-
Resolution
Pam_tally and pam_tally2 are PAM modules that maintains a count or tally of attempts to access.
Pam_tally is used for extra security for stopping authentications after so many tries. It will then lock out the account. pam_tally is not required to be used with authentication services and can be commented out of stack. However if it is used, accounts will need to be managed according to its man page and documentation.
For example:
pam_tally2 --user username --reset
pam_tally2 by itself will show all of the accounts with locks. You can then individually unlock an account with the command above or you can unlock all accounts with:
pam_tally2 --reset*Note that on older RHEL systems, RHEL 5 for example, pam_tally rather than pam_tally2 may be in use. In that case the commands are the same as above, just drop the 2, for example:
pam_tally --user username --reset