Login failures usefulness with OpenSSH 6.1

看板FB_security作者時間12年前 (2013/05/06 08:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/2 (看更多)
Hello everyone, It seems that the login failures reported by the security output of a nightly periodic job has become somewhat useless per OpenSSH 6.1. I used to get username and IP address in the output but it seems that the logging format has changed. Instead of one line the log format now has two lines. One like the ones below and then another coinciding line that contains IP address and username. I think it would be more beneficial outputting the lines with the ip and username over the ones below for the security output. Not sure exactly when this changed but would like to gather some input before I inspect further on the changes that would have to be made. My output is from SVN FreeBSD STABLE 8.3 as of yesterday. Thanks & Clean Regards, ....Sample output... login failures: May 4 00:04:35 disbatch sshd[48898]: fatal: Write failed: Operation not permitted May 4 14:54:14 disbatch sshd[9544]: input_userauth_request: invalid user root [preauth] May 4 18:44:04 disbatch sshd[18326]: fatal: Read from socket failed: Connection reset by peer [preauth] -- Jason Hellenthal JJH48-ARIN -(2^(N-1)) _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 jhellenthal. 的文章
文章代碼(AID): #1HXle2hS (FB_security)
更多 jhellenthal. 的文章
文章代碼(AID): #1HXle2hS (FB_security)