[Bug 2633] New: Provide hook invoked for login failures

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu Oct 27 05:03:41 AEDT 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2633

            Bug ID: 2633
           Summary: Provide hook invoked for login failures
           Product: Portable OpenSSH
           Version: 7.3p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: josh at joshtriplett.org

Many different scripts exist to parse the log output of sshd and
attempt to block sources of excessive failed login attempts.  Most such
scripts involve fragile, easily-misled text parsing.

Please consider adding a standard hook, configurable in sshd_config,
invoked by sshd when a login fails.  That hook should receive the
source IP address for the connection, and the login type(s) attempted
and failed (not those not attempted), so that it can decide (for
instance) to have different thresholds for password attempts/failures
and key-based failures.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list