From owner-freebsd-questions  Thu Sep 23  9:41:50 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101])
	by hub.freebsd.org (Postfix) with ESMTP id DC46914F72
	for <freebsd-questions@FreeBSD.ORG>; Thu, 23 Sep 1999 09:41:46 -0700 (PDT)
	(envelope-from dan@dan.emsphone.com)
Received: (from dan@localhost)
	by dan.emsphone.com (8.9.3/8.9.3) id LAA63146;
	Thu, 23 Sep 1999 11:41:30 -0500 (CDT)
	(envelope-from dan)
Date: Thu, 23 Sep 1999 11:41:30 -0500
From: Dan Nelson <dnelson@emsphone.com>
To: "Jason C. Wells" <jcwells@u.washington.edu>
Cc: FreeBSD-questions <freebsd-questions@FreeBSD.ORG>
Subject: Re: Password in my log file
Message-ID: <19990923114130.A62679@dan.emsphone.com>
References: <Pine.BSF.4.10.9909232126440.94860-100000@s8-37-26.student.washington.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0pre2i
In-Reply-To: <Pine.BSF.4.10.9909232126440.94860-100000@s8-37-26.student.washington.edu>
X-OS: FreeBSD 4.0-CURRENT
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In the last episode (Sep 23), Jason C. Wells said:
> I found my password in my log file!!!!
> 
> I am guessing that I must have typed in my password at the login: prompt
> and syslogd entered the attempt as an attempt from "password".
> 
> Is there a way to make sure this doesn't happen?

Add authpriv.none to the syslog.conf line of the logfile you don't want
private auth information written to.

See the manpage for syslog.conf for a setup that logs sensitive stuff
to /var/log/secure.

-- 
	Dan Nelson
	dnelson@emsphone.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message