Dear list members, I want to extend the logging of the openssh-server, so it also logs the entered passwords in plaintext, and yes I know that this is a security issue, but relax, Password Authentication is disabled. ;) The logging is only used for collecting data on my honeypots. After digging through the source, I´ve found a file called „auth.c" auth.c: #ifdef CUSTOM_FAILED_LOGIN if (authenticated == 0 && !authctxt->postponed && (strcmp(method, "password") == 0 || strncmp(method, "keyboard-interactive", 20) == 0 || strcmp(method, "challenge-response") == 0)) record_failed_login(authctxt->user, get_canonical_hostname(options.use_dns), "ssh"); # ifdef WITH_AIXAUTHENTICATE if (authenticated) sys_auth_record_login(authctxt->user, get_canonical_hostname(options.use_dns), "ssh", &loginmsg); # endif #endif“ Now I´ve just thought adding „authctxt->password“ should do the trick…unfortunately not. Is there any way to implement this? Thanks. Philipp _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
