On Sat, Dec 17, 2016 at 7:37 PM, Philipp Vlassakakis <philipp@xxxxxxxxxxxxxx> wrote: > Dear list members, > > I want to extend the logging of the openssh-server, so it also logs the entered passwords in plaintext, and yes I know that this is a security issue, but relax, Password Authentication is disabled. ;) Oh, dear lord. What part of "a really bad idea and begging for pure abuse" is not clear about this idea? Simply setting up a fake server with a hostname similar to a common could encourage password harvesting. It would be much safer to simply avoid activating debugging tools that can be so abused. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
