if user enters wrong password, in logs there is only a line saying: Trying to authenticate user. So we do not know for which user the password was wrong, which user tried to authenticate and failed.
For cases that we would need for example to create a fail2ban jail, it would be useful the line to say something for example:
Trying to authenticate user foo, failed password, IP: 1.2.3.4
Now also the IP is shown in previous line which is not convenient, and there is no way to know if there were any password failures and for which username.
Hi,
if user enters wrong password, in logs there is only a line saying: Trying to authenticate user. So we do not know for which user the password was wrong, which user tried to authenticate and failed.
For cases that we would need for example to create a fail2ban jail, it would be useful the line to say something for example: Trying to authenticate user foo, failed password, IP: 1.2.3.4
Now also the IP is shown in previous line which is not convenient, and there is no way to know if there were any password failures and for which username.