Re: Log passwords from "authentication failure" logins

m sesser wrote:
Is it possible to log failed incoming passwords from opensshd sessions?

It's possible if you modify sshd (or whatever it uses to verify the password, eg PAM).

OpenSSH's stock sshd doesn't (and won't) provide the capability but by necessity it has access to the unencrypted password so it could be modified to do so by a nosy or malicious admin.

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.