no logging in auth.log when using wrong ssh keys
Hans Harder
hans at atbas.org
Tue Apr 20 06:31:01 EST 2010
I have in the sshd_config the following to disable password authentication:

    Match Group dummies
        PasswordAuthentication no
        KbdInteractive no

Normally I use denyhosts to detect incorrect logins, but it seems that
failed sshkey logins are not logged in auth.log
And I would really like to have them in order to detect them and use the
denyhosts script.
Looked in the last nightly builds, but it seems that only method
'password' is being logged.
So I added one line, so that also failed publickey logins are being
logged in auth.log
hans at Draakje:~/src/openssh$ diff -u auth.c auth_new.c
--- auth.c 2010-03-07 01:57:00.000000000 +0100
+++ auth_new.c 2010-04-19 19:58:21.564550068 +0200
@@ -263,6 +263,7 @@
if (authenticated == 1 ||
!authctxt->valid ||
authctxt->failures >= options.max_authtries / 2 ||
+ strcmp(method, "publickey") == 0 ||
strcmp(method, "password") == 0)
authlog = logit;
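Review bot: the added strcmp(method, "publickey") == 0 test sends every failed publickey attempt to logit, bypassing the authctxt->failures >= options.max_authtries / 2 threshold on the line above it. An SSH client commonly offers several keys before the server accepts one, so a legitimate login can now produce one failure line per rejected key, and a log scanner that counts those lines may act against a valid user. Consider adding a comment that says why publickey is listed next to password, and either making this switchable from the configuration or logging once per connection instead of once per offered key.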
Perhaps there is a better way to log the failed sshkey logins, but I
couldn't find it (my lack of knowledge probably).
So any comments are welcome....
Hans
--------
ech`echo xiun|tr nu oc|sed'sx\([sx]\)\([xoi]\)xo un\2\1 is xg'`ol.
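
Added example, not part of the original post and not code from OpenSSH or denyhosts: a log scan that counts failed publickey and password attempts per source address, grouping by sshd PID so that several rejected keys in one connection count once. It assumes the patched sshd writes "Failed publickey for ..." lines in the same format as the existing "Failed password" lines; the sample log, host name, PIDs and addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines (host, users, PIDs and addresses are made up).
SAMPLE_LOG = """\
Apr 20 06:31:01 draakje sshd[4101]: Failed publickey for hans from 192.0.2.10 port 51000 ssh2
Apr 20 06:31:01 draakje sshd[4101]: Failed publickey for hans from 192.0.2.10 port 51000 ssh2
Apr 20 06:31:02 draakje sshd[4101]: Accepted publickey for hans from 192.0.2.10 port 51000 ssh2
Apr 20 06:32:10 draakje sshd[4120]: Failed publickey for invalid user admin from 198.51.100.7 port 40022 ssh2
Apr 20 06:32:15 draakje sshd[4125]: Failed publickey for root from 198.51.100.7 port 40031 ssh2
Apr 20 06:32:20 draakje sshd[4131]: Failed password for root from 198.51.100.7 port 40040 ssh2
"""

LINE_RE = re.compile(
    r"sshd\[(?P<pid>\d+)\]: (?P<result>Failed|Accepted) (?P<method>\S+) "
    r"for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def failed_connections(log_text, methods=("publickey", "password")):
    """Return {source_ip: number of connections that failed and never succeeded}.

    Assumption: one sshd PID equals one connection within the scanned window
    (PID reuse is ignored). A client that offers three keys and is accepted on
    the third is therefore not counted at all.
    """
    failed = {}        # pid -> source ip of a connection with a failure
    accepted = set()   # pids that authenticated in the end, by any method
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        if m["result"] == "Accepted":
            accepted.add(m["pid"])
        elif m["method"] in methods:
            failed[m["pid"]] = m["ip"]
    counts = defaultdict(int)
    for pid, ip in failed.items():
        if pid not in accepted:
            counts[ip] += 1
    return dict(counts)

def offenders(log_text, threshold=3):
    """Source addresses with at least `threshold` failed connections."""
    counts = failed_connections(log_text)
    return sorted(ip for ip, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    print(failed_connections(SAMPLE_LOG), offenders(SAMPLE_LOG))
```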