Hi,
Having the IP address in the log would help prevent a potential denial of
service attack on fail2ban users. Consider this auth.log and fail2ban.log
auth.log:Jul 14 02:21:00 servername sshd[9572]: User admin from
search.example.org not allowed because none of user's groups are listed in
A
martin f krafft writes:
> Please consider to log the IP instead of the reverse DNS entry in
> the following log message:
> sshd[22199]: PAM 3 more authentication failures; logname= uid=0 euid=0
> tty=ssh ruser= rhost=ns1.onemessageministries.org user=root
> I know that SSH checks forward an
Package: openssh-server
Version: 1:6.0p1-3
Severity: minor
Tags: upstream
Please consider to log the IP instead of the reverse DNS entry in
the following log message:
sshd[22199]: PAM 3 more authentication failures; logname= uid=0 euid=0
tty=ssh ruser= rhost=ns1.onemessageministries.org user=
3 matches
Mail list logo
