Logging of passwords in plaintext in syslog

Phillips, John john.phillips at calanais.com
Fri Apr 12 21:26:07 EST 2002


Hi,

I'm running OpenSSH_3.0p1 and have discovered the following issue..

When using verbose logging and password authentication, if I mistakenly
enter the password instead of the username then this is logged in syslog in
plain text. I realise that I shouldn't do this ;-), but most OS's native
utilities prevent logging the username in this situation. See below for an
extract..

sshd[31326]: Failed publickey for illegal user **plaintextpw** from 1.2.3.4 port 1430 ssh2
sshd[31326]: Failed keyboard-interactive for illegal user **plaintextpw** from 1.2.3.4 port 1430 ssh2
sshd[31326]: Failed password for illegal user **plaintextpw** from 1.2.3.4 port 1430 ssh2
sshd[31326]: Disconnecting: Too many authentication failures for **plaintextpw**

Any advice?

Cheers

John
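
Added example, not part of the original post and not OpenSSH code: a two-pass scrubber for sshd log lines in the format quoted above, which blanks whatever was logged as an unknown user name, including in the "Too many authentication failures" line of the same sshd process. The function names, the "invalid user" variant and the sample lines are assumptions made for illustration, and pids are assumed not to be reused within the lines processed.

```python
import re

# "illegal user" is the wording in the lines quoted in the post;
# "invalid user" is an assumed variant for other sshd versions.
UNKNOWN_USER = re.compile(
    r"sshd\[(?P<pid>\d+)\]: .*?\b(?:illegal|invalid) user "
    r"(?P<user>.+?) from \S+ port \d+"
)
SSHD_HEAD = re.compile(r"sshd\[(?P<pid>\d+)\]: ")
PLACEHOLDER = "[REDACTED]"


def collect_exposed(lines):
    """Pass 1: map each sshd pid to the strings logged as unknown user names."""
    exposed = {}
    for line in lines:
        m = UNKNOWN_USER.search(line)
        if m:
            exposed.setdefault(m["pid"], set()).add(m["user"])
    return exposed


def redact(lines):
    """Pass 2: blank those strings in every line from the same sshd process."""
    exposed = collect_exposed(lines)
    cleaned = []
    for line in lines:
        m = SSHD_HEAD.search(line)
        if m and m["pid"] in exposed:
            rest = line[m.end():]
            # Longest first, so a value containing another is removed whole.
            for value in sorted(exposed[m["pid"]], key=len, reverse=True):
                rest = rest.replace(value, PLACEHOLDER)
            line = line[:m.end()] + rest
        cleaned.append(line)
    return cleaned, exposed


# Constructed sample in the format quoted in the post (not real log data).
SAMPLE = [
    "sshd[31326]: Failed publickey for illegal user example-typed-secret from 192.0.2.10 port 1430 ssh2",
    "sshd[31326]: Failed password for illegal user example-typed-secret from 192.0.2.10 port 1430 ssh2",
    "sshd[31326]: Disconnecting: Too many authentication failures for example-typed-secret",
    "sshd[31400]: Accepted password for alice from 192.0.2.10 port 1431 ssh2",
]

if __name__ == "__main__":
    cleaned, exposed = redact(SAMPLE)
    print("\n".join(cleaned))
    print("sshd pids with a possibly exposed secret:", sorted(exposed))
```

The pids returned in the second value identify sessions where a typed secret may have reached syslog, so the affected account's password can be changed and any already-forwarded copies of the log cleaned as well.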



More information about the openssh-unix-dev mailing list