Need OpenSSH to logs users bad login attempts

Michael Selvesteen selvesteen at gmail.com
Thu Jan 13 22:30:03 EST 2005


Thanks Damien for your comments,

We use a program that depends /var/adm/btmp(s) to monitor bad logins. 
But SSH is not updating this file after a bad login attempt. We
seriously require the functionality. As I mentioned before we have a
patch that makes SSH to do this but it fails to log bad attempts of
key based authentication.  Our program is similar to lastb command in
HP_UX which returns bad login attempts. But lastb too fails to list
bad login attempts by the SSH users.

Thanks for your help,
--
Michael




On Thu, 13 Jan 2005 21:36:51 +1100, Damien Miller <djm at mindrot.org> wrote:
> Michael Selvesteen wrote:
> >  Hello All,
> >
> > We have a sensitive network where users authenticates through SSH. We
> > support multiple authentications with respective to their groups . As
> > a security concern we continue to monitor failed or bad login attempts
> > of every user using lastb command, but SSH never logs the bad login
> > attempts of the user like telnet does .  We would like to have this
> > feature on SSH for every supported authentication including key based
> > authentication like public key and host based authentications.
> 
> "LogLevel verbose" in sshd_config should do what you want.
> 
> -d
>




More information about the openssh-unix-dev mailing list