0
I've seen this question on AskUbuntu about monitoring lockscreen. However, imagine having an encrypted drive + home partition. Both are mounted and available while you are logged in.
The thing is, afaik, the number of attempts is not limited. How can I listen to unsuccessful attempts and after N tries just shut down the machine so I can prevent any further action that might target my storage via naive dictionary attack (e.g. friend/visit/...) on the lock screen?
Is there also any way for listening to unsuccessful attempts via tty? For example if someone tries to log in via tty1 twice and tty2 once (i.e. sum of all attempts 3), shutdown the machine too?
Does it apply to GUI too? – KeyWeeUsr – 2019-11-18T12:59:11.933
1As long as your GUI lockscreen actually uses PAM, yes. (If you're using a custom lockscreen like 'slock' which skips PAM and tries to do the absolute minimum amount of work, then all bets are off – if it doesn't call PAM, then it isn't going to send any other failure signal either.) – user1686 – 2019-11-18T13:03:19.433
I'll poke around to find whether my lockscreen uses PAM, but otherwise it's great! – KeyWeeUsr – 2019-11-18T13:05:17.657