Re: OpenSSH not logging denied public keys, even with logging set to verbose.
2012/3/1 Aníbal Monsalve Salazar <anibal@debian.org>:
> On Thu, Mar 01, 2012 at 06:56:07AM -0600, Jordon Bedwell wrote:
>>The problem is I cannot get sshd to log publickey denied errors to
>>/var/log/auth.log so our daemons can ban these users. I want to know
>>what happened to messages like "publickey denied for [user] from [ip]"
>>I cannot get it to log those messages at all no matter the logging
>>level.
>
> Run the command below.
>
> grep "ssh:1.%.30s@%.128s.s password:" /usr/sbin/sshd; echo $?
>
> If you don't get 1 as output, your sshd is compromised.
It returned 1, this happens on freshly installed Debian and Ubuntu too
though, tested it on Ubuntu too.
Reply to: