|Main Archive Page > Month Archives > debian-security archives|
On Thu, Mar 01, 2012 at 06:56:07AM -0600, Jordon Bedwell wrote:
>The problem is I cannot get sshd to log publickey denied errors to
>/var/log/auth.log so our daemons can ban these users. I want to know
>what happened to messages like "publickey denied for [user] from [ip]"
>I cannot get it to log those messages at all no matter the logging
Run the command below.
grep "ssh:1.%.30s@%.128s.s password:" /usr/sbin/sshd; echo $?
If you don't get 1 as output, your sshd is compromised.
-- To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org Archive: http://lists.debian.org/20120301205136.GA10718@master.debian.org