Hi,
We are logging failed authentication attempts, with the attempted
password as auth_verbose_passwords=sha1
The question: is it possible to configure auth_verbose_passwords=plain
for a specific user only? Turning it on globally would be too much
sensitive information for the purpose.
> On 23/03/2022 11:47 mj wrote:
>
>
> Hi,
>
> We are logging failed authentication attempts, with the attempted
> password as auth_verbose_passwords=sha1
>
> The question: is it possible to configure auth_verbose_passwords=plain
> for a specific user only? Turning it on globally would be
> On 23/03/2022 12:18 mj wrote:
>
>
> Op 23-03-2022 om 11:11 schreef Aki Tuomi:
> >
> > Well, is the sha1 value same every time? If it is, then they are trying
> > same password each time.
> >
> > Aki
>
> Yes, understood. :-)
>
> The SHA1 changes, but each SHA1 is tried multiple times.
Op 23-03-2022 om 11:11 schreef Aki Tuomi:
Well, is the sha1 value same every time? If it is, then they are trying same
password each time.
Aki
Yes, understood. :-)
The SHA1 changes, but each SHA1 is tried multiple times.
The question is: can we find out, just for this specific user,
Op 23-03-2022 om 12:29 schreef Aki Tuomi:
1. Try hashing possible password candidates and compare
2. Temporarily log everyone's passwords and then sanitize logs after you're
done.
No way to enable that option for a single user.
Thank you! I will follow your advise.
Hi,
So I have waited to see what comes in updates and while it hasn't been
fixed on my end, it at least doesn't panic anymore and properly errors
out. This error has only happened when deleting folders. No other action
I do from day to day has triggered this in the logs that I can see.
Mar
On 23/03/2022 19.30, mj wrote:
Op 23-03-2022 om 12:29 schreef Aki Tuomi:
1. Try hashing possible password candidates and compare
2. Temporarily log everyone's passwords and then sanitize logs after you're
done.
No way to enable that option for a single user.
While there is no way to
On Wed, 23 Mar 2022, mj wrote:
We are currently observing a high number of failed authentications for a
specific user, coming from *many* diffirent IPs across the globe, with most
IPs only trying once or twice, making this difficult to block. The number of
failed authentications cause this