Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- make ssh log massword entered?
November 23, 2005, 12:26 pm
rate this thread
Recently there has been dozens of ssh cracking on my site. They were not
real hackers because they simply tried to guess the passwords using all
kind of imaginable usernames, admin, webmaster, oracle. . . you name it,
but they were very patient, the log shows they worked on it for over an
While no harm is done, I'm interested in knowing what kind of passwords
they would guess. Is there a way to make ssh log the password entered?
- Nico Kadel-Garcia
November 23, 2005, 1:01 pm
Re: make ssh log massword entered?
Depends on what SSH software you're using. For OpenSSH, no, there's no
way to make it log passwords unless you modify the code (although such a
modification is trivial, see auth-passwd.c:auth_password()).
Also be aware that even if you only log failures, there's a good chance
that someone's real password (eg for another service) or an almost-right
password will end up in that log. That log would be another potential
problem if the box hosting it compromised (or if it's sent to a syslog
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum