Need OpenSSH to logs users bad login attempts
Michael Selvesteen
selvesteen at gmail.com
Thu Jan 13 22:30:03 EST 2005
Thanks Damien for your comments,
We use a program that depends /var/adm/btmp(s) to monitor bad logins.
But SSH is not updating this file after a bad login attempt. We
seriously require the functionality. As I mentioned before we have a
patch that makes SSH to do this but it fails to log bad attempts of
key based authentication. Our program is similar to lastb command in
HP_UX which returns bad login attempts. But lastb too fails to list
bad login attempts by the SSH users.
Thanks for your help,
--
Michael
On Thu, 13 Jan 2005 21:36:51 +1100, Damien Miller <djm at mindrot.org> wrote:
> Michael Selvesteen wrote:
> > Hello All,
> >
> > We have a sensitive network where users authenticates through SSH. We
> > support multiple authentications with respective to their groups . As
> > a security concern we continue to monitor failed or bad login attempts
> > of every user using lastb command, but SSH never logs the bad login
> > attempts of the user like telnet does . We would like to have this
> > feature on SSH for every supported authentication including key based
> > authentication like public key and host based authentications.
>
> "LogLevel verbose" in sshd_config should do what you want.
>
> -d
>
More information about the openssh-unix-dev
mailing list