bugzilla-daemon at mindrot.org
2005-Apr-07 13:19 UTC
[Bug 1011] Multiple log entries for successful pubkey authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=1011 Summary: Multiple log entries for successful pubkey authentication Product: Portable OpenSSH Version: 4.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: vinschen at redhat.com When a successful pubkey authentication took place, two "Accepted publickey" entries occur in syslog. This happens on all systems having DISABLE_FD_PASSING set, or for root logins, if privilege separation is enabled. The cause is apparently that monitor as well as slave write a syslog entry. One of these entries should be suppressed. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Apr-07 14:54 UTC
[Bug 1011] Multiple log entries for successful pubkey authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=1011 ------- Additional Comments From senthilkumar_sen at hotpop.com 2005-04-08 00:54 ------- This occurs for all Key based Authentication methods. I noted it for gssapi in hpux. Wht wud be the cause if we just make it to log once, something like only for uid zero. In auth.c + if(getuid() == 0) authlog("%s %s for %s%.100s from %.200s port %d%s", Did it hurt anywhere? Also the failure messages like Failed none for user from foo* port *22 ssh2 occurs twice in debug mode. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Apr-07 14:55 UTC
[Bug 1011] Multiple log entries for successful pubkey authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=1011 senthilkumar_sen at hotpop.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |senthilkumar_sen at hotpop.com ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Apr-07 14:59 UTC
[Bug 1011] Multiple log entries for successful pubkey authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=1011 ------- Additional Comments From vinschen at redhat.com 2005-04-08 00:59 ------- Adding a uid==0 test is too simple. It doesn't work for Cygwin where uid 0 has no meaning at all. Probably there should be a flag set if privsep_postauth() is skipped for whatever reason and tested before printing from the monitor process. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Apr-07 15:28 UTC
[Bug 1011] Multiple log entries for successful pubkey authentication
http://bugzilla.mindrot.org/show_bug.cgi?id=1011 ------- Additional Comments From senthilkumar_sen at hotpop.com 2005-04-08 01:28 ------->It doesn't work for Cygwin where uid 0 has no meaning at all.Fine. Its not a thumb rule. But hoping tht the process ( with uid !=0 ) shld not do this logging. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Reasonably Related Threads
- [Bug 1011] Multiple log entries for successful pubkey authentication
- [Bug 1032] PrintLastLog is not working with UseLogin yes
- [Bug 1065] password expiration and SSH keys don't go well together
- [Bug 1083] Disable login for locked account
- [Bug 1030] sshd writes twice to wtmp when "UseLogin" is yes