
V-766

CAT II (Medium)

The system must disable accounts after three consecutive unsuccessful login attempts.

Rule ID

SV-44834r1_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000044

Discussion

Disabling accounts after a limited number of unsuccessful login attempts improves protection against password guessing attacks.

Check Content

Check the pam_tally configuration.
# more /etc/pam.d/login
Confirm the following line is configured, before the "common-auth" file is included:
auth     required       pam_tally.so deny=3 onerr=fail
# more /etc/pam.d/sshd
Confirm the following line is configured, before the "common-auth" file is included:
auth     required       pam_tally.so deny=3 onerr=fail

If no such line is found, this is a finding.
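
The manual check above can be scripted. The following is an added example, not part of the STIG text: the function name check_pam_tally, the sample files, and the "auth include common-auth" form of the include line are assumptions made for illustration. It treats a commented-out line, or a pam_tally.so line placed after the common-auth include, as a finding.

```shell
#!/bin/sh
# Added example: audit a PAM service file for the V-766 pam_tally line.
# check_pam_tally FILE -> 0 if compliant, 1 if a finding, 2 if FILE is unreadable.
# Assumption: the required options are matched exactly as deny=3 and onerr=fail.
check_pam_tally() {
    [ -r "$1" ] || return 2
    awk '
        /^[ \t]*#/ || NF == 0 { next }     # skip comments and blank lines
        $1 != "auth"          { next }     # only the auth stack is relevant
        /common-auth/         { exit }     # anything after the include is too late
        $2 == "required" && $3 == "pam_tally.so" {
            deny = 0; onerr = 0
            for (i = 4; i <= NF; i++) {
                if ($i == "deny=3")     deny = 1
                if ($i == "onerr=fail") onerr = 1
            }
            if (deny && onerr) { found = 1; exit }
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# Constructed sample files (not taken from a real host) to exercise the check.
demo_dir=$(mktemp -d)
printf '%s\n' '#%PAM-1.0' \
    'auth     required       pam_tally.so deny=3 onerr=fail' \
    'auth     include        common-auth' > "$demo_dir/good"
printf '%s\n' '#%PAM-1.0' \
    'auth     include        common-auth' \
    'auth     required       pam_tally.so deny=3 onerr=fail' > "$demo_dir/late"
printf '%s\n' '#%PAM-1.0' \
    '#auth    required       pam_tally.so deny=3 onerr=fail' \
    'auth     include        common-auth' > "$demo_dir/commented"

for f in good late commented; do
    if check_pam_tally "$demo_dir/$f"; then
        echo "$f: not a finding"
    else
        echo "$f: FINDING"
    fi
done
```

On a real system, call check_pam_tally /etc/pam.d/login and check_pam_tally /etc/pam.d/sshd and treat a non-zero status from either as a finding.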

Fix Text

Edit /etc/pam.d/login and/or /etc/pam.d/sshd and add the following line, before the "common-auth" file is included:
auth     required       pam_tally.so deny=3 onerr=fail