Comment 2 for bug 562388

Andy Smith (grifferz) wrote :

I don't agree that this is not a bug; as Michael pointed out there are log file processors like fail2ban which can't tell the difference between an auth failure from this and an auth failure from a guess.

It could possibly be worked around in the logging daemon or in every package that consumes the logs, but wouldn't it make more sense to just be able to not log it in the first place unless all available auth modules fail?