Has anyone tried patching the 1.2.x source to force logging of all passwords submitted during authentication, not just those that fail?
On 8.1.2011, at 2.19, Dave Brenner wrote:> Has anyone tried patching the 1.2.x source to force logging of all passwords submitted during authentication, not just those that fail?It depends on what you need.. but, as the subject suggests, auth_debug_passwords=yes does basically that for plaintext authentication. You just need to de-base64-decode base64 the base64-encoded data. If that's not enough for you, be more specific what exactly you need.