ssh wish list?
Paul Tagliamonte
paultag at gmail.com
Thu Oct 19 08:13:31 AEDT 2023
On Wed, Oct 18, 2023 at 03:05:20PM -0400, Chris Rapier wrote:
[snip]
> I don't think the actually banning part would be all that hard. It's
> everything that goes along with it in terms of managing things and making
> sure it would be performant enough in high volume scenarios.

I've tried hard to not jump in here and (obviously) failed.

At the risk of protracting an already overlong sub-thread on this topic,
I believe the unstated assumption (from my perspective) being missed
behind this feature request is that fail2ban and others would move to
this new API, and not use logs anymore -- not that openssh grows fail2ban
features. In a perfect world this means there's a new, stable API that
all the fail2ban-alikes and local programs use, and the ssh project can
be free to modify log output without worrying about breaking every
security stack.

Whether or not that is true is a different issue, as is the stability of
the log message format "de-facto API".

(this time actually out, for real)

paultag
--
:wq