sshd maxauthtries set to one changes log behaviour

		LinuxQuestions.org > Forums > Linux Forums > Linux - Software
sshd maxauthtries set to one changes log behaviour

Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.

Exclusive for LQ members, get up to 45% off per month. Click here for more info.

Search this Thread

10-08-2012, 05:39 AM	#1
zhjim Senior Member Registered: Oct 2004 Distribution: Debian Squeeze x86_64 Posts: 1,748 Blog Entries: 11 Rep:	sshd maxauthtries set to one changes log behaviour Hi folks, I was playing around with sshd and the maxauthtries option. Tailing the log of auth.log I came upon an oddity. If one logs in with not setting of MaxAuthTries (defaults to 3) I get the following log lines: Code: Oct 8 11:45:08 h1211164 sshd[32724]: Accepted password for user from i.p.a.d.r port 53251 ssh2 Oct 8 11:45:08 h1211164 sshd[32724]: pam_unix(sshd:session): session opened for user user by (uid=0) When I set a value for MaxAuthTries I get the same log lines _but_ when setting it to 1 I get following stuff Code: Oct 8 11:45:36 h1211164 sshd[32750]: Failed none for user from i.p.a.d.r port 53252 ssh2 Oct 8 11:45:40 h1211164 sshd[32750]: Accepted password for user from i.p.a.d.r port 53252 ssh2 Oct 8 11:45:40 h1211164 sshd[32750]: pam_unix(sshd:session): session opened for user user by (uid=0) So we have one more line saying "Failed none for user". As I found out this is normal behavior cause ssh checks with an empty password what kind of authentication method are allowed. What I really wonder about is why setting a certain value to a certain option changes the logging behavior of sshd?

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
How to have a log for sshd?	xpucto	Linux - Networking	4	06-03-2008 04:37 AM
Starting sshd: /etc/init.d/sshd: line 113: /usr/sbin/sshd: Permission denied	sumanc	Linux - Server	5	03-28-2008 04:59 AM
Log all sshd attempts	hbar	Debian	2	01-29-2008 03:53 PM
SSHD log?	itz2000	Linux - Security	6	11-15-2005 08:39 AM
sshd log -am I in trouble?	c_mitulescu	Linux - Security	2	12-13-2004 05:27 PM

All times are GMT -5. The time now is 08:20 PM.

Main Menu

(Con't)

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

Twitter: @linuxquestions