bugzilla-daemon at bugzilla.mindrot.org
2016-Oct-26 18:03 UTC
[Bug 2633] New: Provide hook invoked for login failures
https://bugzilla.mindrot.org/show_bug.cgi?id=2633
Bug ID: 2633
Summary: Provide hook invoked for login failures
Product: Portable OpenSSH
Version: 7.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: josh at joshtriplett.org
Many different scripts exist to parse the log output of sshd and
attempt to block sources of excessive failed login attempts. Most such
scripts involve fragile, easily-misled text parsing.
Please consider adding a standard hook, configurable in sshd_config,
invoked by sshd when a login fails. That hook should receive the
source IP address for the connection, and the login type(s) attempted
and failed (not those not attempted), so that it can decide (for
instance) to have different thresholds for password attempts/failures
and key-based failures.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-Jul-19 05:17 UTC
[Bug 2633] Provide hook invoked for login failures
https://bugzilla.mindrot.org/show_bug.cgi?id=2633
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WONTFIX
Status|NEW |RESOLVED
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
I suggest that you investigate the Linux audit API. OpenSSH has
supported this for a while and it does notify failed authentication
attempts via linux_audit_record_event()
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 05:08 UTC
[Bug 2633] Provide hook invoked for login failures
https://bugzilla.mindrot.org/show_bug.cgi?id=2633
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Possibly Parallel Threads
- [Bug 1874] New: Cannot enable agent forwarding if persistent master connection exists with no forwarding
- [Bug 1886] New: Please move /tmp/ssh-XXXXXXXXXXXX directory to /var/run
- [Bug 2446] New: Provide an option to show SHA256 fingerprints in a more pronouncable format
- [Bug 2545] New: reverse DNS lookups shouldn't block login
- [Bug 2620] New: Option AddKeysToAgent doesnt work with keys provided by PKCS11 libraries.