#!/bin/bash

# 登录失败3次就锁用户300s
sed -i '/^#%PAM-1.0/a\auth\t   required\tpam_tally2.so deny=3 unlock_time=300 even_deny_root root_unlock_time=300' /etc/pam.d/sshd
sed -i '/^#%PAM-1.0/a\auth\trequired\tpam_tally2.so deny=3 unlock_time=300 even_deny_root root_unlock_time=300' /etc/pam.d/login