[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Logging passwords of SSH attacks



On Thu, Jan 15, 2009 at 08:10:44PM +0200, Dotan Cohen wrote:
> How can I start logging the passwords attempted as well as the
> usernames? Thanks.

I don't think the standard SSH daemon can log passwords. After all it
would be a security risk if passwords started appearing in log files.

As I understand it, you would need to alter the source code of the SSH
daemon and rebuild it to get that functionality. People doing that
though usually only run the modified SSH on a 'honeypot' box that is
there purely to capture log in attempts for further analysis.

Gavin


Reply to: