Public key auth and logging messages
From: Nestor Burma (goudron_et_plumes_at_yahoo.fr)
Date: 05/31/05
Date: Tue, 31 May 2005 17:08:31 +0200 (CEST) To: secureshell@securityfocus.com
Hello,
We are using OpenSSH 4.1p1 on a Linux box. The only
authentication method allowed is by public key.
Everything works without any problem, EXCEPT logging:
1/ if a known user tries to log in, with a proper (known)
key, we get a success message through syslog, such as:
Accepted publickey for USER from IP
2/ if an unknown user tries to log in (obviously with or
without a "proper key"), we get a failure message
through syslog, such as:
Invalid user USER from IP
3/ but if a KNOWN user tries to log in without a known
key, we get no message whatsoever.
Taking into account all the current brute forcing
tools, we feel this is somehow wrong. Of course, we
get bazillions of failures for unknown users, but
unfortunately some tools we saw just hammered 'root'
and a few, well-known account names. So getting no
failure message is bad for us.
Is it a misconfiguration on our part? And if so, how
to change that?
Sincerely,
-- Nb
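Added example, not part of the original message: a small classifier for the three cases described above, run over constructed log lines. It assumes sshd runs with `LogLevel VERBOSE` in sshd_config, the level at which OpenSSH logs `Failed publickey for USER ...` for existing accounts; the function names, threshold and sample lines are illustrative.

```python
import re
from collections import Counter

# Constructed sample lines (documentation IP ranges); not taken from the post.
SAMPLE_LOG = """\
May 31 17:01:02 host sshd[4101]: Accepted publickey for alice from 192.0.2.10 port 40112 ssh2
May 31 17:01:09 host sshd[4105]: Invalid user test from 198.51.100.7
May 31 17:01:09 host sshd[4105]: Failed publickey for invalid user test from 198.51.100.7 port 51234 ssh2
May 31 17:01:15 host sshd[4110]: Failed publickey for root from 198.51.100.7 port 51240 ssh2
May 31 17:01:16 host sshd[4110]: Failed publickey for root from 198.51.100.7 port 51240 ssh2
May 31 17:01:20 host sshd[4114]: Failed publickey for root from 203.0.113.5 port 60001 ssh2
"""

# Case 1, case 2 and case 3 of the message, in that order.
PATTERNS = [
    ("accepted", re.compile(r"sshd\[\d+\]: Accepted publickey for (?P<user>\S+) from (?P<ip>\S+)")),
    ("invalid_user", re.compile(r"sshd\[\d+\]: Invalid user (?P<user>\S+) from (?P<ip>\S+)")),
    # The lookahead skips "Failed ... for invalid user X", already counted by case 2.
    ("failed_known", re.compile(
        r"sshd\[\d+\]: Failed publickey for (?!invalid user )(?P<user>\S+) from (?P<ip>\S+)")),
]

def classify(line):
    """Return (case, user, ip) for a recognised sshd line, else None."""
    for case, rx in PATTERNS:
        m = rx.search(line)
        if m:
            return case, m.group("user"), m.group("ip")
    return None

def summarize(log_text):
    """Count events per (case, user, ip)."""
    counts = Counter()
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            counts[hit] += 1
    return counts

def hammered_accounts(counts, threshold=2):
    """Existing accounts with >= threshold failed key attempts from one source."""
    return sorted((user, ip, n) for (case, user, ip), n in counts.items()
                  if case == "failed_known" and n >= threshold)

if __name__ == "__main__":
    counts = summarize(SAMPLE_LOG)
    for (case, user, ip), n in sorted(counts.items()):
        print(f"{case:13} {user:8} {ip:15} {n}")
    print("alert:", hammered_accounts(counts))
```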