On Sun, 15 Aug 2004 12:34:59 -0600, Will Aoki wrote: >> Is there a way to make the sshd included with Debian/woody to also log >> the usernames an attacker tried to connect with? > > Set "LogLevel VERBOSE" in /etc/ssh/sshd_config
LogLevel is already set to VERBOSE. But even with LogLevel DEBUG the invalid usernames are not logged. :-( I tested that on three different machines running Debian/woody. Could this be a PAM issue? Is there perhaps a configuration variable to turn on logging of invalid usernames in PAM like LOG_UNKFAIL_ENAB in /etc/login.defs? - Thomas -- PGP: 2047Bit RSA, ID 0x668E601D - Encrypted mail welcome! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]