Hi folks,
I was playing around with sshd and the maxauthtries option. Tailing the log of auth.log I came upon an oddity. If one logs in with not setting of MaxAuthTries (defaults to 3) I get the following log lines:
Code:
Oct 8 11:45:08 h1211164 sshd[32724]: Accepted password for user from i.p.a.d.r port 53251 ssh2
Oct 8 11:45:08 h1211164 sshd[32724]: pam_unix(sshd:session): session opened for user user by (uid=0)
When I set a value for MaxAuthTries I get the same log lines _but_ when setting it to 1 I get following stuff
Code:
Oct 8 11:45:36 h1211164 sshd[32750]: Failed none for user from i.p.a.d.r port 53252 ssh2
Oct 8 11:45:40 h1211164 sshd[32750]: Accepted password for user from i.p.a.d.r port 53252 ssh2
Oct 8 11:45:40 h1211164 sshd[32750]: pam_unix(sshd:session): session opened for user user by (uid=0)
So we have one more line saying "Failed none for user". As I found out this is normal behavior cause ssh checks with an empty password what kind of authentication method are allowed.
What I really wonder about is why setting a certain value to a certain option changes the logging behavior of sshd?