View Full Version : [ubuntu] Edit ssh config for password login
sprouty
September 27th, 2009, 08:37 AM
Hi,
I'm using ubuntu 8.10 with open ssh sever installed. Does anyone know if i can edit the config file for custom login i.e.
<ip Address>,<Username>,<Password>,<date time stamp>
Any information would be gratefull. I've tried googleing but nothing so far!!
Many Thanks,
Sprouty
bodhi.zazen
September 27th, 2009, 12:47 PM
Not sure what you are wanting but yes you have options.
SSH/OpenSSH/Configuring (https://help.ubuntu.com/community/SSH/OpenSSH/Configuring)
SSH/OpenSSH/Keys (https://help.ubuntu.com/community/SSH/OpenSSH/Keys)
sprouty
October 2nd, 2009, 02:16 PM
Wow just read that back and it makes no sence sorry!!!
I've had ssh enabled on my ip address and see a lot attempts for different user to login. I was wondering if there a way to see/log what password and username combination they are using...
Just something i would be intresting in seeing? anyone got something like this set up?
BQAggie2006
October 2nd, 2009, 02:36 PM
/var/log/auth.log will log what usernames had failed attempts
sprouty
October 2nd, 2009, 04:08 PM
yer, i want to get the password(S) that they are using
BQAggie2006
October 2nd, 2009, 04:16 PM
Don't know how possible that is since passwords transmitted through SSH are encrypted. You might be able to run Wireshark and then run any passwords collected through John the Ripper.
cariboo907
October 3rd, 2009, 02:21 AM
Most attempts to log in via ssh use a dictionary attack, you should see the usernames and passwords the attacker is trying in /var/log/auth.log
sprouty
October 3rd, 2009, 05:33 AM
In /var/log/auth.log i can only see the username no password: please see the end of my auth.log
Oct 3 10:37:14 hostname1 sshd[9236]: Invalid user bob from <myIP>
Oct 3 10:37:14 hostname1 sshd[9236]: Failed none for invalid user bob from <myIP> port 1193 ssh2
Oct 3 10:37:17 hostname1 sshd[9236]: pam_unix(sshd:auth): check pass; user unknown
Oct 3 10:37:17 hostname1 sshd[9236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=<myIP>
Oct 3 10:37:20 hostname1 sshd[9236]: Failed password for invalid user bob from <myIP> port 1193 ssh2
Oct 3 10:37:58 hostname1 sshd[9239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=<myIP> user=<Valid user>
Oct 3 10:37:59 hostname1 sshd[9239]: Failed password for <Valid user> from <myIP> port 1196 ssh2
Many THanks,
Paul
vBulletin® v3.8.4, Copyright ©2000-2012, Jelsoft Enterprises Ltd.