/var/log/btmp logging ?
jhuuskon at messi.uku.fi
Mon Nov 27 20:18:15 EST 2000
Openssh doesn't log failed logins to /var/log/btmp like login does
(if btmp exists). This is on RH6.2.
Is there a specific reason for not logging to btmp ?
I think that logging to btmp would be a 'good thing'(tm). What about
other unices ? Do they have /var/log/btmp or something similar (AIX has
something like that and I think openssh already logs the failed attempts).
AFAIK it wouldn't be too much work to get btmp logging to openssh. Here
are some ideas that came to mind:
- add a failure call to auth1.c and auth2.c (there's already AIX specific
- modify loginrec.c so there's a routine to write an entry to btmp
( propably just modify wtmp_write_entry so it can take a filename parameter
and then add write_bad_login-function )
Is somebody interested in this kind of btmp feature ? And any chances
of getting this included in the portable version ?
Jarno Huuskonen - System Administrator | Jarno.Huuskonen at uku.fi
University of Kuopio - Computer Centre | Work: +358 17 162822
PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169
More information about the openssh-unix-dev