I have sshd listening on multiple ports. Currently I see the log message:

Oct 17 11:59:32 myhost sshd[13784]: Bad protocol version identification '\200F\001\003\001' from NNN.NNN.NNN.NNN

Somebody connected to it and the protocol was invalid. The message would become much more informative if it contained the port on which the connection was made. This should be fixed for all messages that sshd prints on a per-connection basis.

OpenSSH 6.2p2 from FreeBSD tree.
Created attachment 2355: include port in invalid banner message
Patch has been committed; this will be in OpenSSH-6.4 due in 2-3 months time.
Comment on attachment 2355 include port in invalid banner message >+ logit("Bad protocol version identification '%.100s' " >+ "from %s port %d", client_version_string, >+ get_remote_ipaddr(), get_remote_port()); that's the remote port, the request was for the local (ie listening) port. Certainly I think it's worth having the remote port (eg for NAT pools).
Also, there are other messages of the same kind (issued per-connection) that should be fixed as well. Ex. "Did not receive identification string from %s" I suggest you create the variant of logit for this. I realize with the current code just using "va_list args" this isn't trivial to do without the code duplication.
I don't mind adding full host/port information to a few important messages (authentication events, etc.), but I don't think that every message needs to include the same redundant information. We have a "Connection from ..." message that should include it all. How about: > - verbose("Connection from %.500s port %d", remote_ip, remote_port); > + verbose("Connection from %s port %d on %s port %d", > + remote_ip, remote_port, > + get_local_ipaddr(sock_in), get_local_port()); ?
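Review bot: In the proposed verbose() call the remote address conversion changes from %.500s to %s, which drops the length bound the removed line applied to remote_ip; keep %.500s unless the bound is known to be unnecessary. get_local_ipaddr(sock_in) is passed the socket while get_local_port() takes no argument, so it is worth confirming that both report on the same connection socket. Because the line is emitted through verbose(), the listening port only reaches the log when the configured level includes verbose output, and that dependency should be documented for anyone who needs it to interpret the "Bad protocol version identification" message.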
I added the local host address and port to the "Connection from ..." message that is shown at loglevel>=verbose.
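With the listening port only in the "Connection from ..." line, finding which port a bad banner arrived on means joining the two messages. The following is an added example, not code from OpenSSH or from this report; it assumes verbose logging is enabled, that both lines carry the same sshd PID, and the syslog prefix shown in the report. The names correlate, hits_per_listener and SAMPLE_LOG are hypothetical.

```python
import re
from collections import Counter

# Constructed sample log (not from the bug report); documentation-range addresses.
SAMPLE_LOG = """\
Oct 17 11:59:30 myhost sshd[13780]: Connection from 198.51.100.7 port 40112 on 192.0.2.10 port 22
Oct 17 11:59:32 myhost sshd[13784]: Connection from 203.0.113.5 port 51515 on 192.0.2.10 port 2222
Oct 17 11:59:32 myhost sshd[13784]: Bad protocol version identification '\\200F\\001\\003\\001' from 203.0.113.5 port 51515
Oct 17 11:59:40 myhost sshd[13790]: Bad protocol version identification 'GET / HTTP/1.0' from 203.0.113.9
"""

PID = r"sshd\[(?P<pid>\d+)\]: "
CONN = re.compile(PID + r"Connection from (?P<rip>\S+) port (?P<rport>\d+) "
                        r"on (?P<lip>\S+) port (?P<lport>\d+)")
# " port N" is optional so the pre-patch form of the message still matches.
BAD = re.compile(PID + r"Bad protocol version identification '(?P<banner>.*)' "
                       r"from (?P<rip>\S+)(?: port (?P<rport>\d+))?")

def correlate(lines):
    """Return one dict per bad-banner event, with the listening port if known."""
    listeners = {}  # sshd pid -> (local ip, local port) seen in "Connection from"
    events = []
    for line in lines:
        m = CONN.search(line)
        if m:
            # A reused PID simply overwrites the older connection's entry.
            listeners[m["pid"]] = (m["lip"], int(m["lport"]))
            continue
        m = BAD.search(line)
        if m:
            # No "Connection from" line for this PID (e.g. lower log level):
            # report the event anyway with the listener left as None.
            lip, lport = listeners.get(m["pid"], (None, None))
            events.append({"pid": int(m["pid"]), "remote": m["rip"],
                           "banner": m["banner"],
                           "local_ip": lip, "local_port": lport})
    return events

def hits_per_listener(events):
    """Count bad-banner events per listening port (None = port unknown)."""
    return Counter(e["local_port"] for e in events)

if __name__ == "__main__":
    for event in correlate(SAMPLE_LOG.splitlines()):
        print(event)
```

Events whose local_port comes back as None indicate that the "Connection from ..." line was not logged for that PID, which is the gap the original report describes.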
closing resolved bugs as of 8.6p1 release