Tally 2
pam_tally2.so
provides the ability to lock out accounts that fail a set number of authentication attempts. It also provides a command line tool that can be used to restore access to the systems.
The list of users currently locked out can be retrieved as follows:
$ sudo pam_tally2
Login Failures Latest failure From
<username> 1 <time> <IP address>
To reset the count for a single user:
$ sudo pam_tally2 --reset --user <username>
Login Failures Latest failure From
<username> <num> <time> <IP address>
Or for all users:
$ sudo pam_tally2 --reset
Login Failures Latest failure From
<username1> <num> <time> <IP address>
<username2> <num> <time> <IP address>