When I ssh to a system and enter not existing username (for example: bleble) in syslog there is reported error somethin like "failed authentication for user bleble"
When I do the same with telnet, then I see in syslog something like: "filed authentication for UNKNOWN_USER"
I think it is seriuos security problem. I a user by mistake enters his passowrds instead of his login, the password is written in plain text to the syslog.
Has anyone observed this issue on the other openssh versions?
When I do the same with telnet, then I see in syslog something like: "filed authentication for UNKNOWN_USER"
I think it is seriuos security problem. I a user by mistake enters his passowrds instead of his login, the password is written in plain text to the syslog.
Has anyone observed this issue on the other openssh versions?