| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201109231205.p8NC5aQk026676@bari.maths.usyd.edu.au> Date: Fri, 23 Sep 2011 22:05:36 +1000 From: paul.szabo@...ney.edu.au To: full-disclosure@...ts.grok.org.uk, laurelai@...echan.org Subject: Re: sshd logins without a source Dear Laurelai, >> I do not think that sshd normally logs its source. ... To produce the >> desired log, I added to /etc/hosts.allow the line >> sshd : all : spawn /usr/bin/logger -t"%d[%p]" "Connection source %h port %r" > > Don't most modern Linux distros log sshd by default? If for whatever > reason yours doesn't you can set the log level in the sshd config. My Debian sshd comes with "LogLevel INFO" in /etc/ssh/sshd_config. I never found documentation on what a "LogLevel VERBOSE" would do, so never changed it; my hosts.allow line does exactly what I want, and a similar line can do it for telnetd also. (Don't laugh...) Cheers, Paul Paul Szabo psz@...hs.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists