Tally 2

pam_tally2.so provides the ability to lock out accounts that fail a set number of authentication attempts. It also provides a command line tool that can be used to restore access to the systems.

The list of users currently locked out can be retrieved as follows:

$ sudo pam_tally2
Login      Failures Latest failure From
<username> 1        <time>         <IP address>

To reset the count for a single user:

$ sudo pam_tally2 --reset --user <username>
Login      Failures Latest failure From
<username> <num>    <time>         <IP address>

Or for all users:

$ sudo pam_tally2 --reset
Login       Failures Latest failure From
<username1> <num>    <time>         <IP address>
<username2> <num>    <time>         <IP address>