Re: Redundant Syslog Messages from OpenSSHD
- From: "Visolve Security Consulting Group" <securitygroup@xxxxxxxxxxx>
- Date: Tue, 6 Jun 2006 11:49:51 +0530
"Jesse Kempf" <kempf@xxxxxxx> wrote:
Ok,
So when a client authenticates to sshd (the server is running OpenSSH
4.3 on OpenBSD 3.8), I'm noticing that two messages get stuck in my logs
that differ only by pid.
For example:
Jun 4 13:59:56 somehost sshd[18613]: Accepted publickey for someuser
from 192.168.4.142 port 33295 ssh2
Jun 4 13:59:56 somehost sshd[10742]: Accepted publickey for someuser
from 192.168.4.142 port 33295 ssh2
They're otherwise identical, and ipso facto redundant. I know I could
work around these redundant messages, but is it possible to suppress
their output?
This problem is already reported at http://bugzilla.mindrot.org/show_bug.cgi?id=1011
Recently a patch was committed to OpenSSH by Darren Tucker to stop this duplicate logging.
Its worth to test the latest snapshots.
regards,
Visolve Security Consulting Group.
- References:
- Redundant Syslog Messages from OpenSSHD
- From: Jesse Kempf
- Redundant Syslog Messages from OpenSSHD
- Prev by Date: Re: Using RSA key _and_ password
- Next by Date: Port Forwarding - Firewall Traversal
- Previous by thread: Redundant Syslog Messages from OpenSSHD
- Next by thread: Port Forwarding - Firewall Traversal
- Index(es):
