sshd: Logging illegal users
sshd included with Debian/sarge logs connection attempts with illegal
usernames this way:
sshd[xxx]: Illegal user <username> from xxx.xxx.xxx.xxx
sshd[xxx]: Failed unknown for illegal user <username> from xxx.xxx.xxx.xxx port xxxxx ssh2
However, the older sshd version from Debian/woody by default only logs
the following when trying to connect with an illegal username:
sshd[xxx]: Connection from xxx.xxx.xxx.xxx port xxxxx
sshd[xxx]: Enabling compatibility mode for protocol 2.0
Is there a way to make the sshd included with Debian/woody to also log
the usernames an attacker tried to connect with?
PGP: 2047Bit RSA, ID 0x668E601D - Encrypted mail welcome!