logging options "SyslogFacility" and "LogLevel". See the sshd manual
page for details.
+4. Warning messages about key lengths
+
+Commercial SSH's ssh-keygen program contained a bug which caused it to
+occasionally generate RSA keys which had their Most Significant Bit
+(MSB) unset. Such keys were advertised as being full-length, but are
+actually only half as secure.
+
+OpenSSH will print warning messages when it encounters such keys. To
+rid yourself of these message, edit you known_hosts files and replace
+the incorrect key length (usually "1024") with the correct key length
+(usually "1023").
+
+5. Spurious PAM authentication messages in logfiles
+
+OpenSSH will generate spurious authentication failures at every login,
+similar to "authentication failure; (uid=0) -> root for sshd service".
+These are generated because OpenSSH first tries to determine whether a
+user needs authentication to login (e.g. empty password). Unfortunatly
+PAM likes to log all authentication events, this one included.
+
+If it annoys you too much, set "PermitEmptyPasswords no" in
+sshd_config. This will quiet the error message at the expense of
+disabling logins to accounts with no password set. This is the
+default if you use the supplied sshd_config file.
andersk / openssh.git / blobdiff