Dotan Cohen wrote:
2009/1/16 Gavin Elliot Jones <gavin@grassfield.co.uk>:On Thu, Jan 15, 2009 at 08:10:44PM +0200, Dotan Cohen wrote:How can I start logging the passwords attempted as well as the usernames? Thanks.I don't think the standard SSH daemon can log passwords. After all it would be a security risk if passwords started appearing in log files. As I understand it, you would need to alter the source code of the SSH daemon and rebuild it to get that functionality. People doing that though usually only run the modified SSH on a 'honeypot' box that is there purely to capture log in attempts for further analysis.I see, Gavin, and I do agree that this is honeypot area. Thanks.
I would try either honeyd or tinyhoneypot for that. You don't need a full blown ssh dameon for this.
Sjoerd -- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
Attachment:
signature.asc
Description: OpenPGP digital signature