Enhancing Security: Implementing Account Lockout after Failed SSH Login Attempts on RHEL9

Ratnesh kumar Ratan
Jul 18, 2023

Introduction:

In today’s digital landscape, safeguarding sensitive information and securing access to systems is paramount. One of the most widely used methods for remote server administration is SSH (Secure Shell). To strengthen the security of your Linux system, implementing measures such as account lockout after a certain number of failed login attempts is crucial. In this blog post, we will explore how to configure your RHEL9 system to enforce a limit on trial-and-error password guessing and automatically lock an account after three unsuccessful SSH login attempts.

Step 1: Configuring SSHD Configuration File

1. Open the SSHD configuration file located at `/etc/ssh/sshd_config` using a text editor.

2. Locate the line that starts with `#MaxAuthTries`. Uncomment the line by removing the `#` symbol.

3. Set the value of `MaxAuthTries` to `3`. This limits the number of authentication attempts the SSH daemon accepts per connection to three; the account lockout itself is enforced by the PAM configuration in Step 2, so both steps are needed.

4. Save the changes and exit the editor.
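As an added example (not part of the original post), the following shell functions perform Step 1 idempotently on a copy of the configuration file and read the value back the way sshd would (first active occurrence wins). The file path and the sample content are constructed here; `Match` blocks are not handled.

```shell
#!/bin/bash
# set_max_auth_tries FILE VALUE
# Sets "MaxAuthTries VALUE" in an sshd_config-style file: rewrites the first
# commented or active MaxAuthTries line (as in Step 1), or appends one if
# the directive is absent. Uses GNU sed in-place editing.
set_max_auth_tries() {
    local file="$1" value="$2"
    if grep -Eq '^[[:space:]]*#?[[:space:]]*MaxAuthTries[[:space:]]' "$file"; then
        sed -E -i "0,/^[[:space:]]*#?[[:space:]]*MaxAuthTries[[:space:]]/s//MaxAuthTries ${value} #/" "$file"
        # Drop the remainder of the old value left after the inserted marker.
        sed -E -i "s/^(MaxAuthTries ${value}) #.*/\1/" "$file"
    else
        printf 'MaxAuthTries %s\n' "$value" >> "$file"
    fi
}

# get_max_auth_tries FILE
# Prints the effective value. sshd uses the FIRST active occurrence of a
# keyword, so later duplicates are ignored; prints "unset" if none.
get_max_auth_tries() {
    awk 'tolower($1)=="maxauthtries" && v==""{v=$2} END{print (v==""?"unset":v)}' "$1"
}

# Demonstration on a constructed temporary file (not the real sshd_config).
demo_cfg="$(mktemp)"
printf '# constructed sample\n#MaxAuthTries 6\nPermitRootLogin no\n' > "$demo_cfg"
set_max_auth_tries "$demo_cfg" 3
echo "effective MaxAuthTries: $(get_max_auth_tries "$demo_cfg")"
# On a real host, validate before restarting: sshd -t -f /etc/ssh/sshd_config
rm -f "$demo_cfg"
```

Before applying this to `/etc/ssh/sshd_config`, run `sshd -t` to check the syntax, then restart `sshd`.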

Step 2: Configuring PAM (Pluggable Authentication Modules)

1. Open the PAM configuration file for SSH located at `/etc/pam.d/sshd` using a text editor.
