Re: OpenSSH not logging denied public keys, even with logging set to verbose.

From: Aníbal Monsalve Salazar <anibal_at_nospam>
Date: Thu Mar 01 2012 - 20:51:36 GMT
To: Jordon Bedwell <envygeeks@gmail.com>

On Thu, Mar 01, 2012 at 06:56:07AM -0600, Jordon Bedwell wrote:
>The problem is I cannot get sshd to log publickey denied errors to
>/var/log/auth.log so our daemons can ban these users. I want to know
>what happened to messages like "publickey denied for [user] from [ip]"
>I cannot get it to log those messages at all no matter the logging
>level.

Run the command below.

grep "ssh:1.%.30s@%.128s.s password:" /usr/sbin/sshd; echo $?

If you don't get 1 as output, your sshd is compromised.

-- To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: http://lists.debian.org/20120301205136.GA10718@master.debian.org

This message: [ Message body ]
Next message: Mike Mestnik: "Re: OpenSSH not logging denied public keys, even with logging set to verbose."
Previous message: Jordon Bedwell: "Re: OpenSSH not logging denied public keys, even with logging set to verbose."
In reply to: Jordon Bedwell: "Re: OpenSSH not logging denied public keys, even with logging set to verbose."
Next in thread: Mike Mestnik: "Re: OpenSSH not logging denied public keys, even with logging set to verbose."
Reply: Mike Mestnik: "Re: OpenSSH not logging denied public keys, even with logging set to verbose."
Reply: Jordon Bedwell: "Re: OpenSSH not logging denied public keys, even with logging set to verbose."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]