|
|
|
|
|
|
by clarry
4640 days ago
|
|
|
Unfortunately OpenSSH doesn't give you that much control over logging. In my setup I'd like to log successful logins as well as failed login attempts for users that exist, excluding root because logins for root are disabled. This would keep all the scripted (and wholly inneffectual) break-in attempts from flooding the logs while allowing the sysadmin to keep an eye on the more interesting events. I don't use port knocking, nor do I run sshd on a nonstandard port, but I perfectly understand the people who do that just to keep the log spam down. |
|
|