Given the most recent security scare with distribution-patched sshd having a backdoor because it indirectly linked to xz, I'd expect sentiment to be strongly against adding any integrations. While there is some utility to what you are suggesting, maybe it makes more sense to split apart the fail2ban log parsing from its jail functionality and use it to parse logs onto D-bus. Let's keep sshd as simple and secure as it can be. --Gregory On Thu, Apr 11, 2024 at 05:01:37PM +0200, Krzysztof Kowalski wrote: > Dear OpenSSH developers, > > > I was looking at the fail2ban project and had an idea that instead of > parsing log files it could be possible to notify interested parties (like > fail2ban) via (for instance) D-bus about a failed login attempt. > > Other application could also use this protocol to notify about suspect > behaviors. A central functionality will allow for other (new) projects to > integrate without much effort. > > What do you think? > > > Best regards > > Krzysztof Kowalski > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
