How to log SSHD failed logins with usernames under OpenBSD 5.3?
Since DYNDNS became a payed service, I found a solution to dynamic IP address problem:
OPENWRT router side (dynamic IP, this line is in the CRON):
echo close | ssh LOCATION@SERVER -p 22 > /dev/null 2>&1
SERVER side (with fix IP):
on OpenBSD 5.1 I had nothing to do*
CLIENT side (from where I want to connect to the dynamic IP/OpenWRT router):
vi .bashrc
DYNNAMEHERE() {
DYNNAMEHERE01=`ssh root@DOMAINHERE -p PORTHERE "grep 'user DYNNAMEHERE from' /var/log/authlog | tail -1" | sed 's/ from /\n/g' | tail -1 | grep -o "[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*"`
ssh root@"${DYNNAMEHERE01}" -p PORTHERE
}
and then I just need to use this command:
DYNNAMEHERE
and I'm in the OpenWRT router as root.
QUESTION: *but with OpenBSD 5.3 the failed login usernames doesn't get logged. Why? I tried to set the SSHD loglevel to DEBUG3 (then: "kill -HUP SSHDPID"), but the failed login usernames weren't logged.
Since DYNDNS became a payed service, I found a solution to dynamic IP address problem:
OPENWRT router side (dynamic IP, this line is in the CRON):
echo close | ssh LOCATION@SERVER -p 22 > /dev/null 2>&1
SERVER side (with fix IP):
on OpenBSD 5.1 I had nothing to do*
CLIENT side (from where I want to connect to the dynamic IP/OpenWRT router):
vi .bashrc
DYNNAMEHERE() {
DYNNAMEHERE01=`ssh root@DOMAINHERE -p PORTHERE "grep 'user DYNNAMEHERE from' /var/log/authlog | tail -1" | sed 's/ from /\n/g' | tail -1 | grep -o "[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*"`
ssh root@"${DYNNAMEHERE01}" -p PORTHERE
}
and then I just need to use this command:
DYNNAMEHERE
and I'm in the OpenWRT router as root.
QUESTION: *but with OpenBSD 5.3 the failed login usernames doesn't get logged. Why? I tried to set the SSHD loglevel to DEBUG3 (then: "kill -HUP SSHDPID"), but the failed login usernames weren't logged.
No comments:
Post a Comment