Public key authentication and logging

[Damien Miller]

Nestor Burma wrote:
> 3/ but if a KNOWN user tries to log without a known
> key, we get no message whatsoever.
> 
> Taking into account all the current brute forcing
> tools, we feel this is somehow wrong. Of course, we
> get bazillions of failures for unknown users, but
> unfortunately some tools we saw just hammered 'root'
> and a few, well-known account names. So getting no
> failure message is bad for us.

"LogLevel verbose" might give you some more details, but the
probability of someone guessing a private key are infintisimal.

-d