[H-GEN] Just been checking /var/log/secure on my home computer ...
Ewan Edwards
Edwards_Ewan_B at cat.com
Wed Sep 14 23:06:30 EDT 2005
On Thu, 15 Sep 2005 11:51 am, Greg Black wrote:
> >
> > On many default SSHD/PAM setups, yes, it's possible to see. Wrong
> > passwords will give a pause, illegal users will return
> > immediately asking for the password.
Must be the configuration of the firewall I am behind here, or the
combined network latencies ... there's no noticeable difference from
my workstation.
>
> And the way to see what the connecting client gets is to just
> try the same logins they try.
>
<snip>
>
> This box gives identical output for an attempt to login as a real
> but disallowed user.
Same with mine. Just thought there may have been something in the
format or structure of the ip packet that a script may be able to
extract and use.
> Useful details in this case are:
>
> $ uname -srm
> FreeBSD 5.4-RELEASE i386
Linux 2.6.10-1.771_FC2 i686
> $ ssh -V
> OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7e 25 Oct 2004
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
Hhmmm ... seems I may be a version or two behind. :-/
Better look at updating.
Also ... probably should note; the home computer is behind a firewall
that is forwarding port 22 connections.
This is not at all important, I was just curious, so don't waste any
time on it ... unless you have some little gem of information the
list population may find interesting.
More information about the General
mailing list