Subject: Re: logging bad login attempts
To: Randy Terbush <>
From: John F. Woods <>
List: current-users
Date: 03/07/1995 14:33:08
> > It does not appear to be possible to log failed login attempts
> > with the supplied login.  (ie the attempted login, etc.)
> # The authpriv log file should be restricted access;
> # these messages shouldn't go to terminals or publically-readable files.
> authpriv.*                                      /var/log/secure
> then it'll do what you want.

Make absolutely sure, though, that it's really what you want:  logging
actual supplied logins is often a great way to offer cleartext passwords
to an adversary...