Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Built-in SSH Server does not log anything on authentication failure #13094

Closed
2 of 7 tasks
elesiuta opened this issue Oct 10, 2020 · 0 comments
Closed
2 of 7 tasks

Built-in SSH Server does not log anything on authentication failure #13094

elesiuta opened this issue Oct 10, 2020 · 0 comments
Labels
topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! type/enhancement An improvement of existing functionality

Comments

@elesiuta
Copy link
Contributor

  • Gitea version (or commit ref): 1.12.5
  • Git version: 2.17.1
  • Operating system: Ubuntu 20.04
  • Database (use [x]):
    • PostgreSQL
    • MySQL
    • MSSQL
    • SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • Yes (provide example URL)
    • No
    • Not relevant
  • Log gist:

Description

My log level is set to trace, failed attempts (Permission denied (publickey)) do not appear in gitea.log (I also enabled and checked access.log)
This seems to be a regression of #5765 introduced in #7250
Authenticated connections are still logged but the IP address is not (which was also logged before this regression)
@lafriks lafriks added type/enhancement An improvement of existing functionality issue/regression Issue needs no code to be fixed, only a description on how to fix it yourself topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! and removed issue/regression Issue needs no code to be fixed, only a description on how to fix it yourself labels Oct 10, 2020
@elesiuta elesiuta mentioned this issue Oct 15, 2020
Merged
elesiuta added a commit to elesiuta/gitea that referenced this issue Oct 15, 2020
@elesiuta
Log IP on SSH authentication failure
719999a 
fixes go-gitea#13094
@6543 6543 closed this as completed in abb9cff Dec 8, 2020
@go-gitea go-gitea locked and limited conversation to collaborators Jan 18, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! type/enhancement An improvement of existing functionality
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lafriks @elesiuta