Looking at a recent snapshot, see dmesg at the bottom, I have two
questions about OpenSSH logging.

1) The entry in sshd_config(5) for MaxAuthTries states the following
about log entries:

             ...  Once the number of failures reaches half this
             value, additional failures are logged.  The default is 6.

Yet the logging of failures seems to occur these days from the very first try.
Has this behavior changed?

2) The client gets disconnected before MaxAuthTries is reached.  If I
have it set to 6, I get only 5 tries:

$ ssh -o "NumberOfPasswordPrompts=7" [email protected]
[email protected]'s password:
Permission denied, please try again.
[email protected]'s password:
Permission denied, please try again.
[email protected]'s password:
Permission denied, please try again.
[email protected]'s password:
Permission denied, please try again.
[email protected]'s password:
Received disconnect from 192.0.2.105: 2: Too many authentication failures

From the server:

# /usr/sbin/sshd -T | grep maxauthtries
maxauthtries 6

# grep 4704 /var/log/authlog
Mar 19 14:24:26 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:36 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:40 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:43 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:49 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:49 server sshd[4704]: error: maximum authentication attempts exceeded for fred from 192.0.2.206 port 55295 ssh2 [preauth]
Mar 19 14:24:49 server sshd[4704]: Disconnecting authenticating user fred 192.0.2.206 port 55295: Too many authentication failures [preauth]

If I set the client's NumberOfPasswordPrompts to a lower number than
sshd(8)'s MaxAuthTries, that works as expected and I get the number of
tries specified by the client.  If I set the client's
NumberOfPasswordPrompts to a number greater than or equal to sshd(8)'s
MaxAuthTries, I get only one less than what was set in MaxAuthTries
instead of the full sequence.  Is there any way to get the full number
of MaxAuthTries log in attempts?

Regards,
Lars

[ using 595272 bytes of bsd ELF symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
        The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2017 OpenBSD. All rights reserved.  https://www.OpenBSD.org

OpenBSD 6.1-beta (GENERIC) #83: Sat Mar 18 01:48:53 MDT 2017
    [email protected]:/usr/src/sys/arch/loongson/compile/GENERIC
real mem = 1073741824 (1024MB)
avail mem = 1057243136 (1008MB)
mainbus0 at root: Lemote Yeeloong
cpu0 at mainbus0: STC Loongson2F CPU 797 MHz, STC Loongson2F FPU
cpu0: cache L1-I 64KB D 64KB 4 way, L2 512KB 4 way
bonito0 at mainbus0: memory and PCI-X controller, rev 1
pci0 at bonito0 bus 0
rl0 at pci0 dev 7 function 0 "Realtek 8139" rev 0x10: irq 5, address
00:23:8b:59:df:48
rlphy0 at rl0 phy 0: RTL internal PHY
smfb0 at pci0 dev 8 function 0 "Silicon Motion LynxEM+" rev 0xb0:
1024x600, 16bpp
wsdisplay0 at smfb0 mux 1: console (std, vt100 emulation)
glxpcib0 at pci0 dev 14 function 0 "AMD CS5536 ISA" rev 0x03: rev 3,
32-bit 3579545Hz timer, watchdog, gpio, i2c
isa0 at glxpcib0
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
mcclock0 at isa0 port 0x70/2: mc146818 or compatible
ykbec0 at isa0 port 0x381/3
gpio1 at glxpcib0: 32 pins
iic at glxpcib0 not configured
glxclk0 at glxpcib0: clock, prof
pciide0 at pci0 dev 14 function 2 "AMD CS5536 IDE" rev 0x01: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <SanDisk SDCFX3-008G>
wd0: 1-sector PIO, LBA, 7641MB, 15649200 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
auglx0 at pci0 dev 14 function 3 "AMD CS5536 Audio" rev 0x01: isa irq
9, CS5536 AC97
ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0)
audio0 at auglx0
ohci0 at pci0 dev 14 function 4 "AMD CS5536 USB" rev 0x02: isa irq 11,
version 1.0, legacy support
ehci0 at pci0 dev 14 function 5 "AMD CS5536 USB" rev 0x02: isa irq 11
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "AMD EHCI root hub" rev
2.00/1.00 addr 1
usb1 at ohci0: USB revision 1.0
uhub1 at usb1 configuration 1 interface 0 "AMD OHCI root hub" rev
1.00/1.00 addr 1
apm0 at mainbus0
umass0 at uhub0 port 1 configuration 1 interface 0 "Generic
USB2.0-CRW" rev 2.00/58.87 addr 2
umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, initiator 0
sd0 at scsibus0 targ 1 lun 0: <Generic-, Multi-Card, 1.00> SCSI0
0/direct removable serial.0bda0158114173400000
urtw0 at uhub0 port 4 configuration 1 interface 0 "Realtek RTL8187B"
rev 2.00/2.00 addr 3
urtw0: RTL8187B rev E, address 00:17:c4:4d:ed:56
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
pmon bootpath: /dev/disk/wd0
boot device: wd0
root on wd0a (5e05878d9ed345f0.a) swap on wd0b dump on wd0b
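
Added example, not part of the original message and not OpenSSH code: a small authlog summarizer that counts the logged "Failed <method>" entries per sshd PID and, for sessions that hit the limit, reports the gap between the configured MaxAuthTries and the failures actually logged. The sample log is constructed from the format quoted in the message (PID 5120 is invented), and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the authlog format quoted above; PID 5120 is invented.
# Some entries are wrapped the way a mail client wraps long log lines.
SAMPLE = """\
Mar 19 14:24:26 server sshd[4704]: Failed password for fred from
192.0.2.206 port 55295 ssh2
Mar 19 14:24:36 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:40 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:43 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:49 server sshd[4704]: Failed password for fred from 192.0.2.206 port 55295 ssh2
Mar 19 14:24:49 server sshd[4704]: error: maximum authentication
attempts exceeded for fred from 192.0.2.206 port 55295 ssh2 [preauth]
Mar 19 14:31:02 server sshd[5120]: Failed password for fred from 192.0.2.206 port 55301 ssh2
Mar 19 14:31:09 server sshd[5120]: Failed password for fred from 192.0.2.206 port 55301 ssh2
"""

HEADER = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ sshd\[(\d+)\]: (.*)$")
FAILED = re.compile(r"^Failed (\S+) for (?:invalid user )?(\S+) from (\S+) port \d+")
MAXED = "maximum authentication attempts exceeded"

def unwrap(text):
    """Rejoin wrapped entries: a line without a syslog header continues the previous one."""
    entries = []
    for line in text.splitlines():
        if HEADER.match(line) or not entries:
            entries.append(line)
        elif line.strip():
            entries[-1] += " " + line.strip()
    return entries

def summarize(text, max_auth_tries):
    """Per sshd PID: logged failures by method, and the gap to MaxAuthTries if the limit was hit."""
    sessions = {}
    for entry in unwrap(text):
        m = HEADER.match(entry)
        if not m:
            continue
        s = sessions.setdefault(int(m.group(1)), {"failed": Counter(), "hit_limit": False})
        f = FAILED.match(m.group(2))
        if f:
            s["failed"][f.group(1)] += 1
            s["user"], s["src"] = f.group(2), f.group(3)
        elif MAXED in m.group(2):
            s["hit_limit"] = True
    for s in sessions.values():
        logged = sum(s["failed"].values())
        # Gap between the configured limit and what was logged; the cause is not inferred here.
        s["gap"] = max_auth_tries - logged if s["hit_limit"] else None
    return sessions

if __name__ == "__main__":
    for pid, s in summarize(SAMPLE, max_auth_tries=6).items():
        print(pid, dict(s["failed"]), "hit_limit" if s["hit_limit"] else "", s["gap"])
```

Pass the value reported by `sshd -T | grep maxauthtries` as `max_auth_tries`; a non-zero gap marks sessions where sshd disconnected the client with fewer logged failures than the configured limit.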
