Record Failed Passwords

Bob Proulx bob at
Wed Jul 21 08:10:42 EST 2010

Keisial wrote:
>  Bob Proulx wrote:
> > Alan Neville wrote:
> >> I am emailing you to ask is it possible to record failed passwords
> >> attempts and log them to syslog? Are there patches available for this?
> > My logs are always filled with cracking attempts to log in but failing
> > the password.  The past couple of months the distributed attacks have
> I think he wants the actual passwords, Bob.

Oh!  When I read "record failed passwords attempts" I read it as
"record failed password attempts".  No matter what I think the grammer
there is a little ambiguous.  And logging actual passwords isn't
normally good since normally user passwords shouldn't be stored.  But
I understand that if you are setting up a honeypot or studying attacks
then it is one way to observe the cracking behavior.


More information about the openssh-unix-dev mailing list