Skip to content

Instantly share code, notes, and snippets.

@wuyongzheng

wuyongzheng/auth-passwd.c.patch

Created January 11, 2013 14:10
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save wuyongzheng/4510908 to your computer and use it in GitHub Desktop.
Save wuyongzheng/4510908 to your computer and use it in GitHub Desktop.
Download ZIP
sshd password logging patch make sure sshd_config is set as following: PasswordAuthentication yes UsePAM no
Raw
auth-passwd.c.patch
--- auth-passwd.orig 2013-01-11 15:42:09.000000000 +0800
+++ auth-passwd.c 2013-01-11 15:43:47.000000000 +0800
@@ -77,8 +77,8 @@
* Tries to authenticate the user using password. Returns true if
* authentication succeeds.
*/
-int
-auth_password(Authctxt *authctxt, const char *password)
+static int
+auth_password_orig(Authctxt *authctxt, const char *password)
{
struct passwd * pw = authctxt->pw;
int result, ok = authctxt->valid;
@@ -128,6 +128,14 @@
return (result && ok);
}
+int auth_password(Authctxt *authctxt, const char *password)
+{
+ int ok = auth_password_orig(authctxt, password);
+ if (!ok) /* we don't want to log succeeded ones */
+ logit("Bad Password: [%s] [%s]", authctxt->user, password);
+ return ok;
+}
+
#ifdef BSD_AUTH
static void
warn_expiry(Authctxt *authctxt, auth_session_t *as)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment