
pam_unix logs unknown usernames to syslog



Running current potato.  I have the following lines in /etc/login.defs:

# Enable display of unknown usernames when login failures are recorded.
#
LOG_UNKFAIL_ENAB        no


I understand that the point of this is to prevent logs from containing
passwords should users accidentally type them (instead of the username) at
the login prompt.

However, the pam_unix.so module doesn't seem to be handling this
properly.  Here is an example of a telnet attempt to my machine using a
known bad username:

Apr  5 01:49:43 tarkin PAM_unix[5145]: check pass; user unknown
Apr  5 01:49:43 tarkin PAM_unix[5145]: authentication failure; (uid=0) -> asddf for login service
Apr  5 01:49:45 tarkin login[5145]: FAILED LOGIN (1) on `ttyq0' from `vader' FOR `UNKNOWN', Authentication service cannot retrieve authentication info.


Apparently login handles this correctly but pam_unix.so does not?  Or is
there an option to turn this off?  (I didn't see any args that would do
this in the docs.)

Here is my line in /etc/pam.d/login:

auth       required   pam_unix.so
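
A log-scrubbing check for the behaviour described in the post, as an added example that is not part of the original message: it pairs each PAM_unix "check pass; user unknown" line with the next "authentication failure" line from the same PID and redacts the typed name, which may be a mistyped password. The function name, the placeholder and the third sample line are assumptions; the log format is the one quoted above.

```python
import re

# Constructed sample in the format quoted in the post (wrapped lines rejoined);
# the third line is a made-up failure for an existing account.
SAMPLE = """\
Apr  5 01:49:43 tarkin PAM_unix[5145]: check pass; user unknown
Apr  5 01:49:43 tarkin PAM_unix[5145]: authentication failure; (uid=0) -> asddf for login service
Apr  5 01:52:10 tarkin PAM_unix[5150]: authentication failure; (uid=0) -> alice for login service
"""

# Syslog prefix up to and including "PAM_unix[pid]: ", then the message text.
PAM_LINE = re.compile(
    r"^(?P<head>\w{3}\s+\d+ [\d:]{8} \S+ PAM_unix\[(?P<pid>\d+)\]: )(?P<msg>.*)$")
# The typed name sits between "-> " and " for <service> service".
FAILURE = re.compile(
    r"^(?P<pre>authentication failure; \(uid=\d+\) -> )(?P<name>.*)(?P<post> for \S+ service)$")


def redact_unknown_users(text, placeholder="<REDACTED>"):
    """Return (redacted_text, findings); findings are (line_number, pid) pairs.

    The leaked string itself is never stored in the findings.
    """
    unknown_pids = set()          # PIDs that just logged "user unknown"
    out, findings = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = PAM_LINE.match(line)
        if m:
            pid, msg = m["pid"], m["msg"]
            if msg == "check pass; user unknown":
                unknown_pids.add(pid)
            else:
                f = FAILURE.match(msg)
                if f and pid in unknown_pids:
                    findings.append((lineno, pid))
                    line = m["head"] + f["pre"] + placeholder + f["post"]
                    # One redaction per "user unknown" marker, so a later
                    # failure for a valid account under the same PID is kept.
                    unknown_pids.discard(pid)
        out.append(line)
    return "\n".join(out) + "\n", findings


if __name__ == "__main__":
    redacted, hits = redact_unknown_users(SAMPLE)
    print(redacted, end="")
    print("redacted lines:", hits)
```
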

