Re: Redundant Syslog Messages from OpenSSHD



"Jesse Kempf" <kempf@xxxxxxx> wrote:
Ok,
So when a client authenticates to sshd (the server is running OpenSSH
4.3 on OpenBSD 3.8), I'm noticing that two messages get stuck in my logs
that differ only by pid.
For example:

Jun 4 13:59:56 somehost sshd[18613]: Accepted publickey for someuser
from 192.168.4.142 port 33295 ssh2
Jun 4 13:59:56 somehost sshd[10742]: Accepted publickey for someuser
from 192.168.4.142 port 33295 ssh2

They're otherwise identical, and ipso facto redundant. I know I could
work around these redundant messages, but is it possible to suppress
their output?

This problem is already reported at http://bugzilla.mindrot.org/show_bug.cgi?id=1011
Recently a patch was committed to OpenSSH by Darren Tucker to stop this duplicate logging.

Its worth to test the latest snapshots.

regards,
Visolve Security Consulting Group.