Extend logging of openssh-server - e.g. plaintext password
philipp at vlassakakis.de
Sun Dec 18 11:37:59 AEDT 2016
Dear list members,
I want to extend the logging of the openssh-server, so it also logs the entered passwords in plaintext, and yes I know that this is a security issue, but relax, Password Authentication is disabled. ;)
The logging is only used for collecting data on my honeypots.
After digging through the source, I´ve found a file called „auth.c"
if (authenticated == 0 && !authctxt->postponed &&
(strcmp(method, "password") == 0 ||
strncmp(method, "keyboard-interactive", 20) == 0 ||
strcmp(method, "challenge-response") == 0))
# ifdef WITH_AIXAUTHENTICATE
sys_auth_record_login(authctxt->user, get_canonical_hostname(options.use_dns), "ssh", &loginmsg);
Now I´ve just thought adding „authctxt->password“ should do the trick…unfortunately not.
Is there any way to implement this?
More information about the openssh-unix-dev