Re: password logging for illegal ssh login atempts
From: noname (noaddress_at_no.mail)
Date: 01/24/05
- Next message: Dan Stromberg: "What's the deal on the -X vs -Y thing?"
- Previous message: Matthew Poole: "Re: password logging for illegal ssh login atempts"
- In reply to: Matthew Poole: "Re: password logging for illegal ssh login atempts"
- Next in thread: Darren Tucker: "Re: password logging for illegal ssh login atempts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 24 Jan 2005 23:24:08 +0100
Matthew Poole wrote:
> In article <41f54b8f$0$11485$e4fe514c@news.xs4all.nl>, noname <noaddress@no.mail> wrote:
>
>>With openssh, what do I need to log both login and password to
>>/var/log/messages for failed login attempts?
>>
>
> A recompilation of OpenSSH, I believe. By design it doesn't log
> passwords, in case someone who's a legit user puts in a correct
> username/password that's meant for another system - I do it on occasion,
> and I'm sure I'm not alone.
>
I agree logging the passwords can be a security risc for users. I think
it's more of a risc incase a legit user doesn't provide the correct
password for the same system.
But it also can be a very handy feature. F.e. test systems, honeypots etc.
S.
- Next message: Dan Stromberg: "What's the deal on the -X vs -Y thing?"
- Previous message: Matthew Poole: "Re: password logging for illegal ssh login atempts"
- In reply to: Matthew Poole: "Re: password logging for illegal ssh login atempts"
- Next in thread: Darren Tucker: "Re: password logging for illegal ssh login atempts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
