Re: OpenSSH not logging denied public keys, even with logging set to verbose.

[Jordon Bedwell <envygeeks@gmail.com>]

2012/3/1 Aníbal Monsalve Salazar <anibal@debian.org>:
> On Thu, Mar 01, 2012 at 06:56:07AM -0600, Jordon Bedwell wrote:
>>The problem is I cannot get sshd to log publickey denied errors to
>>/var/log/auth.log so our daemons can ban these users.  I want to know
>>what happened to messages like "publickey denied for [user] from [ip]"
>>I cannot get it to log those messages at all no matter the logging
>>level.
>
> Run the command below.
>
>  grep "ssh:1.%.30s@%.128s.s password:" /usr/sbin/sshd; echo $?
>
> If you don't get 1 as output, your sshd is compromised.

It returned 1, this happens on freshly installed Debian and Ubuntu too
though, tested it on Ubuntu too.