From owner-freebsd-current@FreeBSD.ORG  Fri Mar 17 01:07:57 2006
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: freebsd-current@FreeBSD.org
Delivered-To: freebsd-current@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3913C16A423;
	Fri, 17 Mar 2006 01:07:57 +0000 (UTC)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8224643D46;
	Fri, 17 Mar 2006 01:07:56 +0000 (GMT)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231])
	by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id k2H17sWC092221; 
	Fri, 17 Mar 2006 03:07:54 +0200 (EET)
	(envelope-from dmitry@atlantis.dp.ua)
Date: Fri, 17 Mar 2006 03:07:54 +0200 (EET)
From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
To: Garance A Drosehn <gad@FreeBSD.org>
In-Reply-To: <p06230912c03f933e0d8e@[128.113.24.47]>
Message-ID: <20060317030230.G64324@atlantis.atlantis.dp.ua>
References: <20060316145826.M96629@atlantis.atlantis.dp.ua>
	<p06230912c03f933e0d8e@[128.113.24.47]>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-current@FreeBSD.org
Subject: Re: src/etc/periodic/security/800.loginfail
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Mar 2006 01:07:57 -0000


Hello!

On Thu, 16 Mar 2006, Garance A Drosehn wrote:
> But that's the problem, once you start down the road of
> matching "everything which might be useful", you open up
> a lot of questions as to which messages *are* interesting,
> and how they should be displayed in the security-email
> message.  After all, *everything* in the authlog file is
> expected to be interesting in one way or another.  Do we
> want to copy the entire file into the security email?  I
> doubt it...

  I understand current intent as "to report login failures",
and I think that refused by the sshd connection attempts
could be treated as such. OTOH, SSH.COM's sshd2 isn't the part
of the base OS, that's why I'm not sure whether such an addition
is "politically correct" (I'm sure it's useful though).

Sincerely, Dmitry
-- 
Atlantis ISP, System Administrator
e-mail:  dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE