#%PAM-1.0
# pam_securetty.so is commented out since sshd already does a good job of
# protecting itself. You may uncomment it if you like, but then you may
# need to add additional consoles to /etc/securetty if you want to allow
# root logins on them, such as: ssh, pts/0, :0, etc
#auth            required        pam_securetty.so
# To set a limit on failed authentications, the pam_tally2 module
# can be enabled. See pam_tally2(8) for options.
#auth            required        pam_tally2.so deny=4 unlock_time=1200
auth            include         system-auth
auth            include         postlogin
# Also uncomment this line to use pam_tally2:
#account         required        pam_tally2.so
account         required        pam_nologin.so
account         include         system-auth
password        include         system-auth
session         include         system-auth
session         include         postlogin
session         required        pam_loginuid.so