On 03/01/12 18:23, Bedwell, Jordon wrote: > On Thu, Mar 1, 2012 at 3:16 PM, Mike Mestnik <[email protected]> wrote: >> On 03/01/2012 02:51 PM, Aníbal Monsalve Salazar wrote: >>> On Thu, Mar 01, 2012 at 06:56:07AM -0600, Jordon Bedwell wrote: >>> >>>> The problem is I cannot get sshd to log publickey denied errors to >>>> /var/log/auth.log so our daemons can ban these users. I want to know >>>> what happened to messages like "publickey denied for [user] from [ip]" >>>> I cannot get it to log those messages at all no matter the logging >>>> level. >>>> >>> >> The chroot dosn't have a socket to log to... >> Have syslog listen on something like: /var/run/sshd/dev/log > There is no chroot. I hope I didn't imply there was or is one. > Actually there is. sshd by default runs the key checking/testing and auth in a chroot. Thus even if it sends log messages(and it does) there is no where to send them and so the vanish... by default.
I believe I've opened a bug about this. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
