Logging Login Attempts

Perry Wagle wagle at mac.com
Thu Oct 7 10:07:29 EST 2010


I have passwords turned off, and require keys to match.  The zombie armies swarming outside are trying brute force attacks that in part involve guessing login NAMES.  If they guess the wrong NAME, this is logged in syslog.  If they guess a working user name, then the attack has PARTIALLY SUCCEEDED, but this information is IGNORED.  That is, it is not logged.  If the zombie army has tell when it has found a working user name, then it might concentrate on finding its key, and I will be none the wiser.  I will not see that happening.

I can get this info by turning logging to DEBUG, but then it is very noisy.  I do not understand why failed attempts to login to my account are not logged.

Why is this, and how do I get it fixed?

Thanks!

-- Perry




More information about the openssh-unix-dev mailing list