SSH activity logs reporting passwords in clear text
Article ID: 387404
Updated On:
Products
Symantec ZTNA
Issue/Introduction
ZTNA setup with SSH Applications.
Users accessing these SSH applications successfully.
When ZTNA admin parsing the forensic logs, all SSH commands are displayed including any passwords entered.
Is there an option to avoid this?
Environment
ZTNA.
SSH applications.
Forensic logging.
Resolution
Modify the activity log setting to disable SSH activity in forensic logs.
Additional Information
ZTNA product team working on feature request to mask out password details when SSH activity logging enabled.
Feedback
Yes
No
Powered by
