I use samba to authenticate my ssh users against our Active Directory users. This way people can set up a tunnel or whatever to do their job.
This runs quite well. One thing however is the fact I do not see the usernames that did not get authenticated.
In my /var/log/auth.log file I see the following.
But I would like to see which user credentials they tried to get access to the system. Is this possible? Or must i look this up at the windows server?
Succesful authentication does show the username in the log.
Regards,
Johan Hendriks
This runs quite well. One thing however is the fact I do not see the usernames that did not get authenticated.
In my /var/log/auth.log file I see the following.
Code:
Oct 22 13:04:24 ssh-serv sshd[57586]: pam_winbind(sshd): request wbcLogonUser failed:
WBC_ERR_AUTH_ERROR, PAM error: PAM_USER_UNKNOWN (13), NTSTATUS: NT_STATUS_NO_SUCH_USER, Error message was: No such userBut I would like to see which user credentials they tried to get access to the system. Is this possible? Or must i look this up at the windows server?
Succesful authentication does show the username in the log.
Code:
Oct 22 13:12:30 ssh-serv sshd[57714]: pam_winbind(sshd): user 'myusername' granted access
Oct 22 13:12:30 ssh-serv sshd[57711]: Accepted keyboard-interactive/pam for myusername from 88.44.33.55 port 55598 ssh2Regards,
Johan Hendriks