similar to: How to make sshd not log invalid user login attempts?

https://bugzilla.mindrot.org/show_bug.cgi?id=1468 Summary: sshd does not log failed attempts using key-based authentication only Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: security Priority: P2

http://bugzilla.mindrot.org/show_bug.cgi?id=432 Summary: AIX does not log login attempts for unknown users Product: Portable OpenSSH Version: -current Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=432 ------- Additional Comments From dtucker at zip.com.au 2002-11-08 11:50 ------- Created an attachment (id=176) --> (http://bugzilla.mindrot.org/attachment.cgi?id=176&action=view) Call loginfailed() on AIX for unknown usernames ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

Hello, i'm running OpenSSH 3.4p1 on Debian Woody. Loggin is set to AUTH and INFO. When an exisiting user logs in or fails to log in, this is written to syslog. When a nonexisting user fails to log in there is no entry in syslog. Is this a bug? Regards Manfred

Is it possible to configure sshd (version 3.7.1p2, in my case) to log all failed login attempts? I've messed around with various syslog.conf settings and I've modified the sshd_config file to "UseLogin yes", assuming this may be required in order to leverage the /etc/default/login settings used by telnet. Nothing has worked, so far. For auditing purposes, I've been asked

Can I adjust the ssh daemon to log IP addresses instead of hostnames? I assume this situation is feasible... * 10.10.10.10 attempts to ssh to the server * reverse dns resolves to "somehost.domain.com" * ssh daemon logs "somehost.domain.com" in messages * foward dns on "somehost.domain.com" resolves to 10.10.10.20 Thus it causes some of my scripts a problem if the

Richard Schilling wrote: Do you notice wether or not it takes a certain number of connections for the bug to show up? I'm not seeing this problem with just a few people connecting via sftp (about 2-4 times per week). --Richard On 2003.06.13 22:36 Scott Lambert wrote: > We have been having a problem with sshd on our shell server. > > This has been happening since March 4,

each scp or ssh I do to a 4.8-stable machine I have gives me two 'zombie' processes: root 282 0.0 0.4 5236 2184 ?? I 7:41AM 0:00.05 sshd: imp [priv] (sshd) imp 284 0.0 0.4 5252 2260 ?? I 7:41AM 0:00.01 sshd: imp@notty (sshd) I had been running 4.8-RC when I first noticed it and reported it. People here said this had been fixed shortly after 4.8, but it is

I had a user telling me that they can't login to the Postfix email server via Webmail (RoundCube) and I decided to see if I could locate this issue in the logs and understand if the user was simply using a wrong password credential and or something more serious. More than likely the person is just using a wrong password but in search of this on my logs, I don't understand why Dovecot

Hello All, We have a sensitive network where users authenticates through SSH. We support multiple authentications with respective to their groups . As a security concern we continue to monitor failed or bad login attempts of every user using lastb command, but SSH never logs the bad login attempts of the user like telnet does . We would like to have this feature on SSH for every supported

http://bugzilla.mindrot.org/show_bug.cgi?id=457 Summary: SSHD doesn't start when using invalid port numbers Product: Portable OpenSSH Version: 3.5p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

I have passwords turned off, and require keys to match. The zombie armies swarming outside are trying brute force attacks that in part involve guessing login NAMES. If they guess the wrong NAME, this is logged in syslog. If they guess a working user name, then the attack has PARTIALLY SUCCEEDED, but this information is IGNORED. That is, it is not logged. If the zombie army has tell when it

http://bugzilla.mindrot.org/show_bug.cgi?id=908 Summary: AIX OpenSSH allows too many failing login attempts Product: Portable OpenSSH Version: -current Platform: All OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

http://bugzilla.mindrot.org/show_bug.cgi?id=271 Summary: SSHD should unblock SIGCHLD - POSIX signal blocks survive exec() Product: Portable OpenSSH Version: -current Platform: Other OS/Version: other Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo:

http://bugzilla.mindrot.org/show_bug.cgi?id=292 Summary: sshd[1663]: fatal: mmap(65536): Invalid argument Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

Hi All, I've been tuning a server recently and just today this has started to appear in my top/htop output. [root at db1 ~]# ps -aux | grep kernel root 1011 0.0 0.0 212048 4532 ? Ss 13:34 0:00 /usr/bin/abrt-watch-log -F BUG: WARNING: at WARNING: CPU: INFO: possible recursive locking detected ernel BUG at list_del corruption list_add corruption do_IRQ: stack overflow: ear stack overflow

Their is a buffer overrun in /bin/login which has the potential to allow any user of your system to gain root access. util-linux-2.5-29 contains a fix for this and is available for Red Hat Linux 4.0 on all four platforms. We strongly recommend that all of Red Hat 4.0 usres apply this fix. Users of Red Hat Linux versions earlier then 4.0 should upgrade to 4.0 and then apply all available security

http://bugzilla.mindrot.org/show_bug.cgi?id=442 Summary: sshd allows login via public-key when account locked Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org

http://bugzilla.mindrot.org/show_bug.cgi?id=475 Summary: sshd should source /etc/default/login Product: Portable OpenSSH Version: 3.5p1 Platform: All OS/Version: Solaris Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

Hi. Some people have reported that login messages reported by sshd have extra newlines. It looks like there are 2 causes of this: a) some PAM modules like to return messages of "", which sshd dutifully appends a newline to and stores for later display. b) display_loginmsg appends a newline too (I think this dates back to before PAM supplied its own newlines). The attached