[Bug 2415] Public key failures are not counted and therefore not logged into syslog

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jun 19 19:16:49 AEST 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2415

--- Comment #2 from Jakub Jelen <jjelen at redhat.com> ---
Yes, I got the point about verbose. I believe that these messages are
not very useful, especially the first few of them, and if it fails in
this early phase of checking the public key.

But when I was debugging this issue, the failures were counted in the
child, as I stated above. It is pretty confusing that the same
variable authctxt->failures is used in different contexts. Especially
when you watch this variable in the auth_log function, it is once 0 and
once non-zero (as it progresses with different keys), depending on who
calls it.

The line in auth_log()
>         authctxt->failures >= options.max_authtries / 2 ||
led me to the question of whether it is really expected to have this
value always zero in the context of public key authentication. Yes, it
doesn't make sense to log every attempt. But repetitive attempts can
potentially be a threat.
