#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_tally2.so deny=10 unlock_time=3600 no_magic_root reset
auth required pam_faildelay.so delay=2000000
auth required pam_faillock.so preauth silent deny=5 unlock_time=1800 fail_interval=900
auth sufficient pam_unix.so try_first_pass
auth [default=die] pam_faillock.so authfail deny=5 unlock_time=1800 fail_interval=900
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
auth required pam_deny.so
account required pam_faillock.so
account required pam_tally2.so no_magic_root
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account required pam_permit.so
password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= enforce_for_root
password requisite pam_pwhistory.so use_authtok enforce_for_root remember=4
password sufficient pam_unix.so sha512 shadow try_first_pass use_authtok enforce_for_root remember=4
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
'Linux' 카테고리의 다른 글
| AWS 에서 NFS 설정 (0) | 2025.03.09 |
|---|---|
| passwd 보안 - 정책 (0) | 2025.03.09 |
| passwd 보안 - 계정상태 보기 (0) | 2025.03.09 |
| sudo 설정 (0) | 2025.03.09 |
| ssh root 접속 차단 (0) | 2025.03.09 |