Administering user accounts

Setting login restrictions on terminals

You can prevent unauthorized access to your system with login restrictions on terminals. Repeated login attempts are typically associated with trying to crack an account password.

Use the Terminal Manager located in the System directory of the SCOadmin hierarchy. To set login restrictions on all terminals, select Defaults. To change the settings for an individual terminal, select Examine.

You can control these attributes:

Consecutive unsuccessful logins
sets the number of consecutive unsuccessful login attempts before the terminal is locked. A value of ``INFINITE'' or ``infinite'' disables this type of lock for the terminal.

Delay between attempts
sets the interval between login prompts. The message Wait for login retry: is displayed between login attempts.

Time to complete login
sets the maximum interval for a login attempt. When this period expires, the login is considered unsuccessful and the process is restarted (unless the number of unsuccessful attempts has been exceeded).

After five login attempts, the login session is a aborted and a new one is started after the ``Delay between login attempts'' elapses. The five-login limit cannot be changed. When a login session occurs over a modem connection, the consequence of aborting the session is that the modem disconnects.

NOTE: Locks on the system console are ignored when the superuser logs in. This is to avoid a complete lock-out of all users everywhere. Because this special login is allowed, you should physically protect the system console.

See also:

Next topic: Locking or unlocking a user account
Previous topic: Setting login restrictions on accounts

© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003