diff --git a/collections/_evergreen/linux-desktop.md b/collections/_evergreen/linux-desktop.md
index 9bc7997e8e..73753d740a 100644
--- a/collections/_evergreen/linux-desktop.md
+++ b/collections/_evergreen/linux-desktop.md
@@ -272,7 +272,11 @@ If you use [Toolbox](https://docs.fedoraproject.org/en-US/fedora-silverblue/tool
 If you are on Arch Linux, do not apply `noexec` to `/var/tmp`.
 
 ### Linux Pluggable Authentication Modules (PAM)
-There is also further hardening to [PAM](https://en.wikipedia.org/wiki/Linux_PAM) which can be found in [14. PAM](https://madaidans-insecurities.github.io/guides/linux-hardening.html#pam).
+There is also further hardening to [PAM](https://en.wikipedia.org/wiki/Linux_PAM) which can be found in [14. PAM](https://madaidans-insecurities.github.io/guides/linux-hardening.html#pam). On Redhat distributions you can use [`authselect`](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_authentication_and_authorization_in_rhel/configuring-user-authentication-using-authselect_configuring-authentication-and-authorization-in-rhel) to configure this e.g.:
+
+```
+sudo authselect select <profile_id, default: sssd> with-faillock without-nullok with-pamaccess
+```
 
 On systems where [`pam_faillock`](https://www.linux.org/docs/man8/pam_faillock.html) is not available, consider using [`pam_tally2`](https://www.linux.org/docs/man8/pam_tally2.html) instead.