Any plans implement MaxAuthTriesLog?
Darren Tucker
dtucker at zip.com.au
Tue Nov 16 13:59:58 EST 2004
Richard Dickens wrote:
> When a user gets their password wrong more than MaxAuthTries times why
> isn't the message "Too many authentication failures for %.100s" written
> to syslog? The user seems to get it (in a dialog in putty) but it
> doesn't get logged. The usual "Failed password for..." messages are
> logged.
AFAIK vanilla OpenSSH has never logged those (it only sends it to the
user via packet_disconnect). Maybe it should log too? And if so, maybe
it should log some more info? Anyway, try this patch.
OpenSSH does the equivalent of MaxAuthTriesLog at MaxAuthTries/2. I
suspect the behaviour you're describing is not directly related to
MaxAuthTriesLog.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: openssh-maxauth-log.patch
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20041116/d2588b24/attachment.ksh
More information about the openssh-unix-dev
mailing list