[Bug 909] AllowUsers denied access does not log IP address

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Aug 5 12:44:02 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=909

           Summary: AllowUsers denied access does not log IP address
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: woodbri at swoodbridge.com


log messages do not include orginating IP address for messages like:

Aug  2 21:09:48 maps sshd[4468]: User root not allowed because not listed in
AllowUsers

Using version:
OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3, SSH protocols 1.5/2.0, OpenSSL 0x0090603f

This is a serious security omission, because you can not track, report and/or
block hosts that are trying to access your system. I realize that only allowing
specific hosts would be a better security alternative, but this is not always an
alternative when I am travelling and need remote access to my system.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list