SSH Failed Login logging Username/Password


I would like to know if anyone knows if there is a way to log the username and password for a failed SSH login for a Cisco router running IOS 15.x?

What I would like to do is to gather the information (username/pass/ip/time/and so on) on all the failed logins that occur so that I can set up statistics and get more information out on what the aggressors are doing. Sort of keeping track that they are not getting too close for comfort.

I do not want to block their attempts but I do want to keep track and be able to make statistics on the real-world data.

Today I can get all the information I want but for the password.

Is there any way to get the password also?

It would be OK to log my own passwords also if that is what is needed to get this to work.

This would not be a security risk in itself due to config reasons.




Maybe this would fulfill your needs.



Re: SSH Failed Login logging Username/Password

Hi Alain

Sorry, it does not give me the password information (although the link has some other nice features).

I have set up logging on the SSH session and that gives me everything I need but the password the aggressors try.

But thanks for trying to help.


Re: SSH Failed Login logging Username/Password

Due to no answer I take it that it is not possible to do such a thing on the routers?

I know it is possible on the Linux boxes with some tweaks.

I would love to have this feature since that would give me the opportunity to know if we are way off on our policies and also to see what is going on.

I do understand the concerns that one can look at passwords traveling over the net via syslog and so on, so if one could configure it to just display failed attempts, that would be a nice thing to add also.

Does anyone else think this is a good idea?

