On 17/08/15 11:36, ricky wrote:
I think this is probably my first post to this mailing list, so hello!
Occasionally I log in to my servers from IP addresses without reverse DNS configured, so sometimes I'll see an IP I don't recognise because I can't remember what I did the day before and get a bit spooked until I WHOIS the IP and find the netname reminds me I logged in from that IP.
I set out prepared to script it, but I understand that the reporting of failed/last logins is only really configurable at source, so instead of submitting a hilarious poorly coded patch from which I receive numerous critique and ridicule, I figured I'd just submit the idea/use-case and hope that at least one of you think it might be a nice idea. Even if I were to be able to submit openssh patches with code that is not awful, I think it sensible to check to see if you'd be prepared to accept such a patch in the first place anyway.
Regards,
Ricky Burgin
Welcome Ricky,
Don't worry, we wouldn't treat you that bad :)
I'm not sure if the (optional) change you propose should happen at ssh
before sending to syslog, or rather by a wrapper showing the IPs. In the
former case, I don't think you should put whois search code into
openssh, but allow it to run an external program which would fetch the
additional data.
You are interested in netname, but someone else may just be interested
in the country and another in the AS.
Also I wouldn't be surprised if doing that reliably turns out to be
quite complex (differences between rirs, several netnames, ips with no
netname at all…) even though the initial assumption would be simply:
whois $ip | grep -i ^netname:
Best regards
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev