Hacker News new | ask | show | jobs
by _wldu 1388 days ago
I still see them. They come and go, but are always present at some level.

    2022-08-29T17:35:12.617Z [DEBUG] sshlog gen 113.61.219.237 admin admin SSH-2.0-HELLOWORLD
    2022-08-29T17:48:17.879Z [DEBUG] sshlog gen 218.92.0.190 root poohbear SSH-2.0-PUTTY
    2022-08-29T17:48:18.041Z [DEBUG] sshlog gen 218.92.0.190 root p@ssw0rd3 SSH-2.0-PUTTY
    2022-08-29T17:48:18.2Z [DEBUG] sshlog gen 218.92.0.190 root p@ssword! SSH-2.0-PUTTY
    2022-08-29T17:50:13.507Z [DEBUG] sshlog gen 185.191.205.92 hl hl SSH-2.0-libssh-0.6.3
    2022-08-29T17:52:57.28Z [DEBUG] sshlog gen 138.68.91.192 victoria abc123 SSH-2.0-libssh-0.6.3
1 comments
_iven_ 1388 days ago
May I ask how to configure the sshd to generate logs like yours? I searched for it and could not find much information.
link
ficklepickle 1387 days ago
It's called sshlog. It's a patch that logs username/password.

https://github.com/62726164/sshlog

link
_iven_ 1384 days ago
Thank you very much for the kind reply. I will try it out on one of my vps servers. Looking to have some fun when performing analysis afterwards. Thanks!
link