illegal user root user failed login attempts
Karol Kwiatkowski
freebsd at orchid.homeunix.org
Tue Apr 26 04:54:24 PDT 2005
Daniel Bye wrote:
> On Tue, Apr 26, 2005 at 09:22:34AM +0100, Peter Kropholler wrote:
>>Is there any way to actually record what passwords
>>the hackers' scripts are trying? I am just really intrigued
>>to know what they are thinking might work.
>
>
> No - ssh transport is encrypted even by the time passwords are involved.
But in this scenario it is me (sshd) who does encryption/decryption :)
As I understand it, there's no way to log password except hacking ssh
daemon source code.
This link might help:
http://seclists.org/lists/incidents/2005/Feb/0004.html
(I haven't tried it and patch is against OpenSSH 3.5p1 - be careful)
Regards,
Karol
--
Karol Kwiatkowski <freebsd at orchid dot homeunix dot org>
More information about the freebsd-questions
mailing list