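登入失敗鎖定策略配置登入逾時策略禁用root遠程登入指令檔 [plain]
#!/bin/sh
# Host login hardening: shell idle timeout, PAM failed-login lockout, and
# no direct root login over SSH. Run as root. The script edits /etc/profile,
# /etc/pam.d/system-auth and /etc/ssh/sshd_config in place; each file is
# copied to <file>.bak first so a bad edit can be rolled back.

# Keep a copy of a file before it is modified.
# Arguments: $1 - path of the file about to be edited
backup() {
    cp -p -- "$1" "$1.bak"
}

# --- Idle session timeout ---------------------------------------------------
# The shell ends an interactive session after 60 seconds without input.
# NOTE: a user can still change or unset TMOUT in their own session unless the
# variable is also marked read-only (readonly TMOUT).
PROFILE_PATH="/etc/profile"

backup "$PROFILE_PATH"
if grep -q '^[[:space:]]*TMOUT=' "$PROFILE_PATH"; then
    # Rewrite the existing assignment. The earlier form put $tmout inside
    # single quotes, so sed looked for the literal text "$tmout" and an old
    # value was never replaced. The pattern is anchored so that comments which
    # only mention TMOUT are left alone.
    sed -i 's/^[[:space:]]*TMOUT=.*/TMOUT=60/' "$PROFILE_PATH"
else
    echo "TMOUT=60" >> "$PROFILE_PATH"
fi

# /etc/profile is read by login shells, so the timeout applies to sessions
# started after this change. Sourcing it here would not affect any existing
# session (and "source" is not available in every /bin/sh), so confirm the
# setting is present in the file instead.
if grep -q '^TMOUT=60$' "$PROFILE_PATH"; then
    echo "set TMOUT=60 successful!"
fi

# --- Lockout after failed logins --------------------------------------------
# deny=10           lock the account after 10 failed attempts
# unlock_time=300   unlock again after 300 seconds
# even_deny_root    apply the lockout to root as well
# root_unlock_time  unlock time used for root
# NOTE: pam_tally2 has been removed from newer Linux-PAM releases in favour of
# pam_faillock; check which module the target system ships.
# NOTE(review): sshd may authenticate through a different PAM file (for
# example /etc/pam.d/password-auth on some distributions), and tools that
# regenerate system-auth can overwrite this edit - confirm on the target host.
PAM_AUTH_PATH="/etc/pam.d/system-auth"
content="auth required pam_tally2.so deny=10 unlock_time=300 even_deny_root root_unlock_time=300"

backup "$PAM_AUTH_PATH"
if grep -q '^auth[[:space:]].*pam_tally2\.so' "$PAM_AUTH_PATH"; then
    # Match the auth line by pattern rather than feeding grep output back into
    # sed as a regex: that output can span several lines (auth and account
    # entries) or contain characters that break the s/// expression.
    sed -i "s/^auth[[:space:]].*pam_tally2\.so.*/$content/" "$PAM_AUTH_PATH"
else
    # Insert after line 3 so the rule sits ahead of the other auth modules.
    # The text is appended as-is; wrapping it in braces would write an invalid
    # PAM line. Nothing is inserted if the file has fewer than three lines.
    sed -i "3a\\
$content" "$PAM_AUTH_PATH"
fi

# --- No direct root login over SSH ------------------------------------------
# Make sure another account with administrative access can log in before this
# is applied, otherwise remote administration is lost.
SSH_CONF="/etc/ssh/sshd_config"

backup "$SSH_CONF"
if grep -q '^[[:space:]]*#\{0,1\}[[:space:]]*PermitRootLogin[[:space:]]' "$SSH_CONF"; then
    # Cover both the commented-out default and an active directive; rewriting
    # only "#PermitRootLogin" leaves an existing "PermitRootLogin yes" in force.
    sed -i 's/^[[:space:]]*#\{0,1\}[[:space:]]*PermitRootLogin[[:space:]].*/PermitRootLogin no/' "$SSH_CONF"
else
    # sshd uses the first value it finds for a keyword, so put the directive
    # at the top where a later Match block cannot scope it.
    sed -i '1i\
PermitRootLogin no' "$SSH_CONF"
fi

# Validate the configuration before restarting: restarting sshd with a broken
# config can cut off remote access to the host.
if sshd -t -f "$SSH_CONF"; then
    service sshd restart
else
    echo "sshd_config failed validation; sshd was not restarted" >&2
    exit 1
fi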