Operating System - HP-UX
1833685 Members
3935 Online
110062 Solutions
New Discussion

Increasing Logging details for logins

 
SOLVED
Go to solution
Kvetch
New Member

Increasing Logging details for logins

I was wondering if there was a way to increase the level of logging for logins? I have auth.debug in my syslog.conf but noticed that if I attempt to log into my box using a fake name it will log that event but it doesn't report how many times I tred entering the password. Same goes for telnet, if I can connect via telnet and sit there all day trying names and passwords (I have it set to lock an account after 3 bad passwords) but it only reports back once.

So if I telnet to this box and use a valid user with a bad password I get the following only once no matter how many times I try
login: pam_authenticate: error Authentication failed

If I try and use different names I get the following only once no matter how many times I pound at it in one connection attempt
login: pam_authenticate: error No account present for user

I haven't figured out why but sometimes I also get this but only once too.
login: pam_acct_mgmt: error No account present for user

How can I get telnet to report the user name like ssh does and how can I get it to log each time a bad password or bad username is used?

Lastb lists the attempts but not whether it was successful or not. I have auditing on for both Successful and Failed Events.

Thanks,
Nick
3 REPLIES 3
Ivan Krastev
Honored Contributor
Solution

Re: Increasing Logging details for logins

For telnet logging try inetd -l (for logging all connections). To enable it put INETD_ARGS="-l" in file /etc/rc.config.d/netdaemons


regards,
ivan
Ivan Ferreira
Honored Contributor

Re: Increasing Logging details for logins

If you add the debug option for the pam_hpsec module in /etc/pam.conf, you get a little more information:

login auth required libpam_unix.so.1 debug

Sep 20 18:18:36 hostname login: unix pam_sm_authenticate(login baduser), flags = 0
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Kvetch
New Member

Re: Increasing Logging details for logins

perfect thanks guys.