Marvin Kosmal wrote: > > This is from my log file > ... > Mar 13 21:05:01 - denyhosts : INFO monitoring log: /var/log/messages > ... > > What do you have in /etc/log/auth.log > > I have this kind of stuff in mine > > Mar 13 09:27:58 kosmal sshd[31232]: Failed password for root from > 88.191.154.90 port 51934 ssh2 > Mar 13 09:27:58 kosmal sshd[31232]: Received disconnect from > 88.191.154.90: 11: Bye Bye [preauth] > Mar 13 09:27:59 kosmal sshd[31234]: pam_unix(sshd:auth): > authentication failure; logname= uid=0 euid=0 tty=ssh ruser= > rhost=88-191-154-90.rev.dedibox.fr user=root Marvin, You have denyhosts configured to monitor '/var/log/messages' but failed login attempts are being logged to '/etc/log/auth.log'. In '/etc/denyhosts.conf' (or whatever file is used to configure denyhosts on Ubuntu) set: # Ubuntu SECURE_LOG = /etc/log/auth.log # Redhat or Fedora Core: #SECURE_LOG = /var/log/secure and restart denyhosts. Regards, Matthew Roth InterMedia Marketing Solutions Software Engineer and Systems Developer -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
