432 – AIX does not log login attempts for unknown users

Bug 432 - AIX does not log login attempts for unknown users

Summary: AIX does not log login attempts for unknown users

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	-current
Hardware:	PPC AIX

Importance:	P2 normal
Assignee:	OpenSSH Bugzilla mailing list

URL:
Keywords:

Depends on:
Blocks:

Reported:	2002-11-08 11:48 AEDT by Darren Tucker
Modified:	2004-04-14 12:24 AEST (History)
CC List:	0 users

See Also:

Attachments
Call loginfailed() on AIX for unknown usernames (542 bytes, patch) 2002-11-08 11:50 AEDT, Darren Tucker	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Darren Tucker 2002-11-08 11:48:46 AEDT

A login attempt by an unknown user (eg via telnet) normally gets logged as:

syslog: pts/4: failed login attempt for UNKNOWN_USER from my.host.com

This is generated by a call to loginfailed(), which substitutes UNKNOWN_HOST for 
the username if it doesn't exist.

AIX never finds out about it because getpwnamallow returns as soon as it finds 
no passwd entry. Following patch calls loginfailed before returning. It 
generates:

syslog: ssh: failed login attempt for UNKNOWN_USER from my.host.com

Comment 1 Darren Tucker 2002-11-08 11:50:41 AEDT

Created attachment 176 [details]
Call loginfailed() on AIX for unknown usernames

Comment 2 Ben Lindstrom 2002-11-10 03:12:13 AEDT

Applied, Thanks to --current

Comment 3 Damien Miller 2004-04-14 12:24:18 AEST

Mass change of RESOLVED bugs to CLOSED