On Thu, 15 Jan 2009 20:10:44 +0200 "Dotan Cohen" <dotanco...@gmail.com> wrote:
> I get a few thousands of these every day in the logs: > Illegal users from: > 70.85.222.106 (sales.gbdweb.com): 518 times > anna/password: 1 time > apache/password: 1 time > arthur/password: 1 time > attack/password: 1 time > awharton/password: 1 time > > How can I start logging the passwords attempted as well as the > usernames? Thanks. > That's not possible without hacking in the ssh-sourcecodes, I assume. It would be a security nightmare to have the passwords of users being logged. even if it would only be on failed attempts. people often confuse which password they have to enter where, and thus valid passwords would wander into the logs for malicous people to collect and use at other sites. sincerely, Florian
signature.asc
Description: PGP signature
