Re: Extend logging of openssh-server - e.g. plaintext password

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



What part of „Password Authentication is disabled“ do you not understand?


> Am 18.12.2016 um 11:21 schrieb Nico Kadel-Garcia <nkadel@xxxxxxxxx>:
> 
> On Sat, Dec 17, 2016 at 7:37 PM, Philipp Vlassakakis
> <philipp@xxxxxxxxxxxxxx> wrote:
>> Dear list members,
>> 
>> I want to extend the logging of the openssh-server, so it also logs the entered passwords in plaintext, and yes I know that this is a security issue, but relax, Password Authentication is disabled. ;)
> 
> Oh, dear lord. What part of "a really bad idea and begging for pure
> abuse" is not clear about this idea? Simply setting up a fake server
> with a hostname similar to a common could encourage password
> harvesting.
> 
> It would be much safer to simply avoid activating debugging tools that
> can be so abused.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux