
Re: OpenSSH not logging denied public keys, even with logging set to verbose.



On 03/01/12 18:23, Bedwell, Jordon wrote:
> On Thu, Mar 1, 2012 at 3:16 PM, Mike Mestnik <cheako@mikemestnik.net> wrote:
>> On 03/01/2012 02:51 PM, Aníbal Monsalve Salazar wrote:
>>> On Thu, Mar 01, 2012 at 06:56:07AM -0600, Jordon Bedwell wrote:
>>>
>>>> The problem is I cannot get sshd to log publickey denied errors to
>>>> /var/log/auth.log so our daemons can ban these users.  I want to know
>>>> what happened to messages like "publickey denied for [user] from [ip]"
>>>> I cannot get it to log those messages at all no matter the logging
>>>> level.
>>>>
>>>
>> The chroot doesn't have a socket to log to...
>> Have syslog listen on something like: /var/run/sshd/dev/log
> There is no chroot.  I hope I didn't imply there was or is one.
>
Actually there is.  sshd by default runs the key checking/testing and
auth in a chroot.  Thus even if it sends log messages (and it does) there
is nowhere to send them and so they vanish... by default.

I believe I've opened a bug about this.

