Logging passwords of SSH attacks

To: debian-user. <debian-user@lists.debian.org>
Subject: Logging passwords of SSH attacks
From: "Dotan Cohen" <dotancohen@gmail.com>
Date: Thu, 15 Jan 2009 20:10:44 +0200
Message-id: <[🔎] 880dece00901151010m6322cf14if12d15939ba276be@mail.gmail.com>

I get a few thousands of these every day in the logs:
Illegal users from:
    70.85.222.106 (sales.gbdweb.com): 518 times
       anna/password: 1 time
       apache/password: 1 time
       arthur/password: 1 time
       attack/password: 1 time
       awharton/password: 1 time

How can I start logging the passwords attempted as well as the
usernames? Thanks.

-- 
Dotan Cohen

http://what-is-what.com
http://gibberish.co.il

א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת
ا-ب-ت-ث-ج-ح-خ-د-ذ-ر-ز-س-ش-ص-ض-ط-ظ-ع-غ-ف-ق-ك-ل-م-ن-ه‍-و-ي
А-Б-В-Г-Д-Е-Ё-Ж-З-И-Й-К-Л-М-Н-О-П-Р-С-Т-У-Ф-Х-Ц-Ч-Ш-Щ-Ъ-Ы-Ь-Э-Ю-Я
а-б-в-г-д-е-ё-ж-з-и-й-к-л-м-н-о-п-р-с-т-у-ф-х-ц-ч-ш-щ-ъ-ы-ь-э-ю-я
ä-ö-ü-ß-Ä-Ö-Ü

Reply to:

Follow-Ups:
- Re: Logging passwords of SSH attacks
  - From: Thierry Chatelet <tchatelet@free.fr>
- Re: Logging passwords of SSH attacks
  - From: Florian Mickler <florian@mickler.org>
- Re: Logging passwords of SSH attacks
  - From: gavin@grassfield.co.uk (Gavin Elliot Jones)

Prev by Date: Re: Remove pls
Next by Date: Re: English grammar checker
Previous by thread: Re: Remove pls
Next by thread: Re: Logging passwords of SSH attacks
Index(es):
- Date
- Thread