In my opinion, this bug deserves more attention, as it might be relevant
for security:
If configured with "PrintLastLog yes" (the default), openssh-server
checks /var/log/lastlog. It prints a *LastLogin: Date from IP* message
in the post-login banner. Deprecation of lastlog functionality in Debian
13 Trixie effectively disables the LastLogin notice. Discussion should
focus around the functionality, i.e. whether or not future
openssh-server editions should *provide an option to display the last
login in the banner*. The option name *PrintLastLog *refers to its
implementation (i.e. inspection of /var/log/lastlog), which is
unfortunate. If the functionality was to be continued, it should be
renamed to *PrintLastLogin *(or similar). But most importantly, it would
have to find another source of information, like the journal.
Therefore, I believe that *countless workaround proposals *found on the
internet *hide rather than address the problem*. Creating an empty
/var/log/lastlog might keep openssh-server quiet about not finding the
file, but it surely will not supply any information about the last user
login. The same ist true for attempts to stop those messages from
appearing in the journal.
Andreas
