Hello,
sshd included with Debian/sarge logs connection attempts with illegal
usernames this way:
sshd[xxx]: Illegal user <username> from xxx.xxx.xxx.xxx
sshd[xxx]: Failed unknown for illegal user <username> from xxx.xxx.xxx.xxx port xxxxx
ssh2
However, the older sshd version from Debian/woody by default only logs
the following when trying to connect with an illegal username:
sshd[xxx]: Connection from xxx.xxx.xxx.xxx port xxxxx
sshd[xxx]: Enabling compatibility mode for protocol 2.0
Is there a way to make the sshd included with Debian/woody to also log
the usernames an attacker tried to connect with?
- Thomas
--
PGP: 2047Bit RSA, ID 0x668E601D - Encrypted mail welcome!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
