This is a hack, I didn't test it. (Apply against OpenBSD 4.2+PATCHES.)

--- /usr/src/usr.bin/ssh/sshconnect2.c  Mon Jun 18 16:34:35 2007
+++ /usr/src/usr.bin/ssh/sshconnect2.c  Tue Apr 22 21:58:13 2008
@@ -743,6 +743,10 @@
        snprintf(prompt, sizeof(prompt), "[EMAIL PROTECTED]'s password: ",
            authctxt->server_user, authctxt->host);
        password = read_passphrase(prompt, 0);
+       if(password == NULL) {
+               logit("Warning: User %.30s entered an incorrect password %s",
+                   authctxt->server_user, password);
+       }
        packet_start(SSH2_MSG_USERAUTH_REQUEST);
        packet_put_cstring(authctxt->server_user);
        packet_put_cstring(authctxt->service);

Reply via email to